--- title: List vulnerabilities description: Datadog, the leading service for cloud-scale monitoring. breadcrumbs: Docs > API Reference > Security Monitoring --- # List vulnerabilities{% #list-vulnerabilities %} Copy pageCopied {% tab title="v2" %} **Note**: This endpoint is deprecated. See the [List Security Findings endpoint](https://docs.datadoghq.com/api/latest/security-monitoring.md#list-security-findings). | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security/vulnerabilities | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security/vulnerabilities | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security/vulnerabilities | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security/vulnerabilities | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security/vulnerabilities | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security/vulnerabilities | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security/vulnerabilities | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security/vulnerabilities | ### Overview Get a list of vulnerabilities. ### Pagination{% #pagination %} Pagination is enabled by default in both `vulnerabilities` and `assets`. The size of the page varies depending on the endpoint and cannot be modified. To automate the request of the next page, you can use the links section in the response. This endpoint will return paginated responses. The pages are stored in the links section of the response: ```JSON { "data": [...], "meta": {...}, "links": { "self": "https://.../api/v2/security/vulnerabilities", "first": "https://.../api/v2/security/vulnerabilities?page[number]=1&page[token]=abc", "last": "https://.../api/v2/security/vulnerabilities?page[number]=43&page[token]=abc", "next": "https://.../api/v2/security/vulnerabilities?page[number]=2&page[token]=abc" } } ``` - `links.previous` is empty if the first page is requested. - `links.next` is empty if the last page is requested. #### Token{% #token %} Vulnerabilities can be created, updated or deleted at any point in time. Upon the first request, a token is created to ensure consistency across subsequent paginated requests. A token is valid only for 24 hours. #### First request{% #first-request %} We consider a request to be the first request when there is no `page[token]` parameter. The response of this first request contains the newly created token in the `links` section. This token can then be used in the subsequent paginated requests. *Note: The first request may take longer to complete than subsequent requests.* #### Subsequent requests{% #subsequent-requests %} Any request containing valid `page[token]` and `page[number]` parameters will be considered a subsequent request. If the `token` is invalid, a `404` response will be returned. If the page `number` is invalid, a `400` response will be returned. The returned `token` is valid for all requests in the pagination sequence. To send paginated requests in parallel, reuse the same `token` and change only the `page[number]` parameter. ### Filtering{% #filtering %} The request can include some filter parameters to filter the data to be retrieved. The format of the filter parameters follows the [JSON:API format](https://jsonapi.org/format/#fetching-filtering): `filter[$prop_name]`, where `prop_name` is the property name in the entity being filtered by. All filters can include multiple values, where data will be filtered with an OR clause: `filter[title]=Title1,Title2` will filter all vulnerabilities where title is equal to `Title1` OR `Title2`. String filters are case sensitive. Boolean filters accept `true` or `false` as values. Number filters must include an operator as a second filter input: `filter[$prop_name][$operator]`. For example, for the vulnerabilities endpoint: `filter[cvss.base.score][lte]=8`. Available operators are: `eq` (==), `lt` (<), `lte` (<=), `gt` (>) and `gte` (>=). ### Metadata{% #metadata %} Following [JSON:API format](https://jsonapi.org/format/#document-meta), object including non-standard meta-information. This endpoint includes the meta member in the response. For more details on each of the properties included in this section, check the endpoints response tables. ```JSON { "data": [...], "meta": { "total": 1500, "count": 18732, "token": "some_token" }, "links": {...} } ``` ### Extensions{% #extensions %} Requests may include extensions to modify the behavior of the requested endpoint. The filter parameters follow the [JSON:API format](https://jsonapi.org/extensions/#extensions) format: `ext:$extension_name`, where `extension_name` is the name of the modifier that is being applied. Extensions can only include one value: `ext:modifier=value`. This endpoint requires the `appsec_vm_read` permission. ### Arguments #### Query Strings | Name | Type | Description | | ------------------------------------------------ | ------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | page[token] | string | Its value must come from the `links` section of the response of the first request. Do not manually edit it. | | page[number] | integer | The page number to be retrieved. It should be equal or greater than `1` | | filter[type] | enum | Filter by vulnerability type. Allowed enum values: `AdminConsoleActive, CodeInjection, CommandInjection, ComponentWithKnownVulnerability, DangerousWorkflows, DefaultAppDeployed, DefaultHtmlEscapeInvalid, DirectoryListingLeak, EmailHtmlInjection, EndOfLife` | | filter[cvss.base.score][`$op`] | number | Filter by vulnerability base (i.e. from the original advisory) severity score. | | filter[cvss.base.severity] | enum | Filter by vulnerability base severity. Allowed enum values: `Unknown, None, Low, Medium, High, Critical` | | filter[cvss.base.vector] | string | Filter by vulnerability base CVSS vector. | | filter[cvss.datadog.score][`$op`] | number | Filter by vulnerability Datadog severity score. | | filter[cvss.datadog.severity] | enum | Filter by vulnerability Datadog severity. Allowed enum values: `Unknown, None, Low, Medium, High, Critical` | | filter[cvss.datadog.vector] | string | Filter by vulnerability Datadog CVSS vector. | | filter[status] | enum | Filter by the status of the vulnerability. Allowed enum values: `Open, Muted, Remediated, InProgress, AutoClosed` | | filter[tool] | enum | Filter by the tool of the vulnerability. Allowed enum values: `IAST, SCA, Infra, SAST` | | filter[library.name] | string | Filter by library name. | | filter[library.version] | string | Filter by library version. | | filter[advisory.id] | string | Filter by advisory ID. | | filter[risks.exploitation_probability] | boolean | Filter by exploitation probability. | | filter[risks.poc_exploit_available] | boolean | Filter by POC exploit availability. | | filter[risks.exploit_available] | boolean | Filter by public exploit availability. | | filter[risks.epss.score][`$op`] | number | Filter by vulnerability [EPSS](https://www.first.org/epss/) severity score. | | filter[risks.epss.severity] | enum | Filter by vulnerability [EPSS](https://www.first.org/epss/) severity. Allowed enum values: `Unknown, None, Low, Medium, High, Critical` | | filter[language] | string | Filter by language. | | filter[ecosystem] | enum | Filter by ecosystem. Allowed enum values: `PyPI, Maven, NuGet, Npm, RubyGems, Go, Packagist, Deb, Rpm, Apk` | | filter[code_location.location] | string | Filter by vulnerability location. | | filter[code_location.file_path] | string | Filter by vulnerability file path. | | filter[code_location.method] | string | Filter by method. | | filter[fix_available] | boolean | Filter by fix availability. | | filter[repo_digests] | string | Filter by vulnerability `repo_digest` (when the vulnerability is related to `Image` asset). | | filter[origin] | string | Filter by origin. | | filter[running_kernel] | boolean | Filter for whether the vulnerability affects a running kernel (for vulnerabilities related to a `Host` asset). | | filter[asset.name] | string | Filter by asset name. This field supports the usage of wildcards (*). | | filter[asset.type] | enum | Filter by asset type. Allowed enum values: `Repository, Service, Host, HostImage, Image` | | filter[asset.version.first] | string | Filter by the first version of the asset this vulnerability has been detected on. | | filter[asset.version.last] | string | Filter by the last version of the asset this vulnerability has been detected on. | | filter[asset.repository_url] | string | Filter by the repository url associated to the asset. | | filter[asset.risks.in_production] | boolean | Filter whether the asset is in production or not. | | filter[asset.risks.under_attack] | boolean | Filter whether the asset is under attack or not. | | filter[asset.risks.is_publicly_accessible] | boolean | Filter whether the asset is publicly accessible or not. | | filter[asset.risks.has_privileged_access] | boolean | Filter whether the asset is publicly accessible or not. | | filter[asset.risks.has_access_to_sensitive_data] | boolean | Filter whether the asset has access to sensitive data or not. | | filter[asset.environments] | string | Filter by asset environments. | | filter[asset.teams] | string | Filter by asset teams. | | filter[asset.arch] | string | Filter by asset architecture. | | filter[asset.operating_system.name] | string | Filter by asset operating system name. | | filter[asset.operating_system.version] | string | Filter by asset operating system version. | ### Response {% tab title="200" %} OK {% tab title="Model" %} The expected response schema when listing vulnerabilities. | Parent field | Field | Type | Description | | -------------------- | ------------------------------------------ | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | data [*required*] | [object] | List of vulnerabilities. | | data | attributes [*required*] | object | The JSON:API attributes of the vulnerability. | | attributes | advisory | object | Advisory associated with the vulnerability. | | advisory | id [*required*] | string | Vulnerability advisory ID. | | advisory | last_modification_date | string | Vulnerability advisory last modification date. | | advisory | publish_date | string | Vulnerability advisory publish date. | | attributes | advisory_id | string | Vulnerability advisory ID. | | attributes | code_location | object | Code vulnerability location. | | code_location | file_path | string | Vulnerability location file path. | | code_location | location [*required*] | string | Vulnerability extracted location. | | code_location | method | string | Vulnerability location method. | | attributes | cve_list [*required*] | [string] | Vulnerability CVE list. | | attributes | cvss [*required*] | object | Vulnerability severities. | | cvss | base [*required*] | object | Vulnerability severity. | | base | score [*required*] | double | Vulnerability severity score. | | base | severity [*required*] | enum | The vulnerability severity. Allowed enum values: `Unknown,None,Low,Medium,High,Critical` | | base | vector [*required*] | string | Vulnerability CVSS vector. | | cvss | datadog [*required*] | object | Vulnerability severity. | | datadog | score [*required*] | double | Vulnerability severity score. | | datadog | severity [*required*] | enum | The vulnerability severity. Allowed enum values: `Unknown,None,Low,Medium,High,Critical` | | datadog | vector [*required*] | string | Vulnerability CVSS vector. | | attributes | dependency_locations | object | Static library vulnerability location. | | dependency_locations | block [*required*] | object | Static library vulnerability location. | | block | column_end [*required*] | int64 | Location column end. | | block | column_start [*required*] | int64 | Location column start. | | block | file_name [*required*] | string | Location file name. | | block | line_end [*required*] | int64 | Location line end. | | block | line_start [*required*] | int64 | Location line start. | | dependency_locations | name | object | Static library vulnerability location. | | name | column_end [*required*] | int64 | Location column end. | | name | column_start [*required*] | int64 | Location column start. | | name | file_name [*required*] | string | Location file name. | | name | line_end [*required*] | int64 | Location line end. | | name | line_start [*required*] | int64 | Location line start. | | dependency_locations | version | object | Static library vulnerability location. | | version | column_end [*required*] | int64 | Location column end. | | version | column_start [*required*] | int64 | Location column start. | | version | file_name [*required*] | string | Location file name. | | version | line_end [*required*] | int64 | Location line end. | | version | line_start [*required*] | int64 | Location line start. | | attributes | description [*required*] | string | Vulnerability description. | | attributes | ecosystem | enum | The related vulnerability asset ecosystem. Allowed enum values: `PyPI,Maven,NuGet,Npm,RubyGems,Go,Packagist,Deb,Rpm,Apk` | | attributes | exposure_time [*required*] | int64 | Vulnerability exposure time in seconds. | | attributes | first_detection [*required*] | string | First detection of the vulnerability in [RFC 3339](https://datatracker.ietf.org/doc/html/rfc3339) format | | attributes | fix_available [*required*] | boolean | Whether the vulnerability has a remediation or not. | | attributes | language [*required*] | string | Vulnerability language. | | attributes | last_detection [*required*] | string | Last detection of the vulnerability in [RFC 3339](https://datatracker.ietf.org/doc/html/rfc3339) format | | attributes | library | object | Vulnerability library. | | library | additional_names | [string] | Related library or package names (such as child packages or affected binary paths). | | library | name [*required*] | string | Vulnerability library name. | | library | version | string | Vulnerability library version. | | attributes | origin [*required*] | [string] | Vulnerability origin. | | attributes | remediations [*required*] | [object] | List of remediations. | | remediations | auto_solvable [*required*] | boolean | Whether the vulnerability can be resolved when recompiling the package or not. | | remediations | avoided_advisories [*required*] | [object] | Avoided advisories. | | avoided_advisories | base_severity [*required*] | string | Advisory base severity. | | avoided_advisories | id [*required*] | string | Advisory id. | | avoided_advisories | severity | string | Advisory Datadog severity. | | remediations | fixed_advisories [*required*] | [object] | Remediation fixed advisories. | | fixed_advisories | base_severity [*required*] | string | Advisory base severity. | | fixed_advisories | id [*required*] | string | Advisory id. | | fixed_advisories | severity | string | Advisory Datadog severity. | | remediations | library_name [*required*] | string | Library name remediating the vulnerability. | | remediations | library_version [*required*] | string | Library version remediating the vulnerability. | | remediations | new_advisories [*required*] | [object] | New advisories. | | new_advisories | base_severity [*required*] | string | Advisory base severity. | | new_advisories | id [*required*] | string | Advisory id. | | new_advisories | severity | string | Advisory Datadog severity. | | remediations | remaining_advisories [*required*] | [object] | Remaining advisories. | | remaining_advisories | base_severity [*required*] | string | Advisory base severity. | | remaining_advisories | id [*required*] | string | Advisory id. | | remaining_advisories | severity | string | Advisory Datadog severity. | | remediations | type [*required*] | string | Remediation type. | | attributes | repo_digests | [string] | Vulnerability `repo_digest` list (when the vulnerability is related to `Image` asset). | | attributes | risks [*required*] | object | Vulnerability risks. | | risks | epss | object | Vulnerability EPSS severity. | | epss | score [*required*] | double | Vulnerability EPSS severity score. | | epss | severity [*required*] | enum | The vulnerability severity. Allowed enum values: `Unknown,None,Low,Medium,High,Critical` | | risks | exploit_available [*required*] | boolean | Vulnerability public exploit availability. | | risks | exploit_sources [*required*] | [string] | Vulnerability exploit sources. | | risks | exploitation_probability [*required*] | boolean | Vulnerability exploitation probability. | | risks | poc_exploit_available [*required*] | boolean | Vulnerability POC exploit availability. | | attributes | running_kernel | boolean | True if the vulnerability affects a package in the host's running kernel, false if it affects a non-running kernel, and omit if it is not kernel-related. | | attributes | status [*required*] | enum | The vulnerability status. Allowed enum values: `Open,Muted,Remediated,InProgress,AutoClosed` | | attributes | title [*required*] | string | Vulnerability title. | | attributes | tool [*required*] | enum | The vulnerability tool. Allowed enum values: `IAST,SCA,Infra,SAST` | | attributes | type [*required*] | enum | The vulnerability type. Allowed enum values: `AdminConsoleActive,CodeInjection,CommandInjection,ComponentWithKnownVulnerability,DangerousWorkflows,DefaultAppDeployed,DefaultHtmlEscapeInvalid,DirectoryListingLeak,EmailHtmlInjection,EndOfLife` | | data | id [*required*] | string | The unique ID for this vulnerability. | | data | relationships [*required*] | object | Related entities object. | | relationships | affects [*required*] | object | Relationship type. | | affects | data [*required*] | object | Asset affected by this vulnerability. | | data | id [*required*] | string | The unique ID for this related asset. | | data | type [*required*] | enum | The JSON:API type. Allowed enum values: `assets` | | data | type [*required*] | enum | The JSON:API type. Allowed enum values: `vulnerabilities` | | | links | object | The JSON:API links related to pagination. | | links | first [*required*] | string | First page link. | | links | last [*required*] | string | Last page link. | | links | next | string | Next page link. | | links | previous | string | Previous page link. | | links | self [*required*] | string | Request link. | | | meta | object | The metadata related to this request. | | meta | count [*required*] | int64 | Number of entities included in the response. | | meta | token [*required*] | string | The token that identifies the request. | | meta | total [*required*] | int64 | Total number of entities across all pages. | {% /tab %} {% tab title="Example" %} ```json { "data": [ { "attributes": { "advisory": { "id": "TRIVY-CVE-2023-0615", "last_modification_date": "2024-09-19T21:23:08.000Z", "publish_date": "2024-09-19T21:23:08.000Z" }, "advisory_id": "TRIVY-CVE-2023-0615", "code_location": { "file_path": "src/Class.java:100", "location": "com.example.Class:100", "method": "FooBar" }, "cve_list": [ "CVE-2023-0615" ], "cvss": { "base": { "score": 4.5, "severity": "Medium", "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, "datadog": { "score": 4.5, "severity": "Medium", "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } }, "dependency_locations": { "block": { "column_end": 140, "column_start": 5, "file_name": "src/go.mod", "line_end": 10, "line_start": 1 }, "name": { "column_end": 140, "column_start": 5, "file_name": "src/go.mod", "line_end": 10, "line_start": 1 }, "version": { "column_end": 140, "column_start": 5, "file_name": "src/go.mod", "line_end": 10, "line_start": 1 } }, "description": "LDAP Injection is a security vulnerability that occurs when untrusted user input is improperly handled and directly incorporated into LDAP queries without appropriate sanitization or validation. This vulnerability enables attackers to manipulate LDAP queries and potentially gain unauthorized access, modify data, or extract sensitive information from the directory server. By exploiting the LDAP injection vulnerability, attackers can execute malicious commands, bypass authentication mechanisms, and perform unauthorized actions within the directory service.", "ecosystem": "string", "exposure_time": 5618604, "first_detection": "2024-09-19T21:23:08.000Z", "fix_available": false, "language": "ubuntu", "last_detection": "2024-09-01T21:23:08.000Z", "library": { "additional_names": [ "linux-tools-common" ], "name": "linux-aws-5.15", "version": "5.15.0" }, "origin": [ "agentless-scanner" ], "remediations": [ { "auto_solvable": false, "avoided_advisories": [ { "base_severity": "Critical", "id": "GHSA-4wrc-f8pq-fpqp", "severity": "Medium" } ], "fixed_advisories": [ { "base_severity": "Critical", "id": "GHSA-4wrc-f8pq-fpqp", "severity": "Medium" } ], "library_name": "stdlib", "library_version": "Upgrade to a version >= 1.20.0", "new_advisories": [ { "base_severity": "Critical", "id": "GHSA-4wrc-f8pq-fpqp", "severity": "Medium" } ], "remaining_advisories": [ { "base_severity": "Critical", "id": "GHSA-4wrc-f8pq-fpqp", "severity": "Medium" } ], "type": "text" } ], "repo_digests": [ "sha256:0ae7da091191787229d321e3638e39c319a97d6e20f927d465b519d699215bf7" ], "risks": { "epss": { "score": 0.2, "severity": "Medium" }, "exploit_available": false, "exploit_sources": [ "NIST" ], "exploitation_probability": false, "poc_exploit_available": false }, "running_kernel": true, "status": "Open", "title": "LDAP Injection", "tool": "SCA", "type": "WeakCipher" }, "id": "3ecdfea798f2ce8f6e964805a344945f", "relationships": { "affects": { "data": { "id": "Repository|github.com/DataDog/datadog-agent.git", "type": "assets" } } }, "type": "vulnerabilities" } ], "links": { "first": "https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Bnumber%5D=1\u0026page%5Btoken%5D=b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4", "last": "https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Bnumber%5D=15\u0026page%5Btoken%5D=b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4", "next": "https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Bnumber%5D=16\u0026page%5Btoken%5D=b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4", "previous": "https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Bnumber%5D=14\u0026page%5Btoken%5D=b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4", "self": "https://api.datadoghq.com/api/v2/security/vulnerabilities?filter%5Btool%5D=Infra" }, "meta": { "count": 150, "token": "b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4", "total": 152431 } } ``` {% /tab %} {% /tab %} {% tab title="400" %} Bad request: The server cannot process the request due to invalid syntax in the request. {% tab title="Model" %} API error response. | Parent field | Field | Type | Description | | ------------ | ------------------------ | -------- | ------------------------------------------------------------------------------- | | | errors [*required*] | [object] | A list of errors. | | errors | detail | string | A human-readable explanation specific to this occurrence of the error. | | errors | meta | object | Non-standard meta-information about the error | | errors | source | object | References to the source of the error. | | source | header | string | A string indicating the name of a single request header which caused the error. | | source | parameter | string | A string indicating which URI query parameter caused the error. | | source | pointer | string | A JSON pointer to the value in the request document that caused the error. | | errors | status | string | Status code of the response. | | errors | title | string | Short human-readable summary of the error. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ { "detail": "Missing required attribute in body", "meta": {}, "source": { "header": "Authorization", "parameter": "limit", "pointer": "/data/attributes/title" }, "status": "400", "title": "Bad Request" } ] } ``` {% /tab %} {% /tab %} {% tab title="403" %} Forbidden: Access denied {% tab title="Model" %} API error response. | Parent field | Field | Type | Description | | ------------ | ------------------------ | -------- | ------------------------------------------------------------------------------- | | | errors [*required*] | [object] | A list of errors. | | errors | detail | string | A human-readable explanation specific to this occurrence of the error. | | errors | meta | object | Non-standard meta-information about the error | | errors | source | object | References to the source of the error. | | source | header | string | A string indicating the name of a single request header which caused the error. | | source | parameter | string | A string indicating which URI query parameter caused the error. | | source | pointer | string | A JSON pointer to the value in the request document that caused the error. | | errors | status | string | Status code of the response. | | errors | title | string | Short human-readable summary of the error. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ { "detail": "Missing required attribute in body", "meta": {}, "source": { "header": "Authorization", "parameter": "limit", "pointer": "/data/attributes/title" }, "status": "400", "title": "Bad Request" } ] } ``` {% /tab %} {% /tab %} {% tab title="404" %} Not found: There is no request associated with the provided token. {% tab title="Model" %} API error response. | Parent field | Field | Type | Description | | ------------ | ------------------------ | -------- | ------------------------------------------------------------------------------- | | | errors [*required*] | [object] | A list of errors. | | errors | detail | string | A human-readable explanation specific to this occurrence of the error. | | errors | meta | object | Non-standard meta-information about the error | | errors | source | object | References to the source of the error. | | source | header | string | A string indicating the name of a single request header which caused the error. | | source | parameter | string | A string indicating which URI query parameter caused the error. | | source | pointer | string | A JSON pointer to the value in the request document that caused the error. | | errors | status | string | Status code of the response. | | errors | title | string | Short human-readable summary of the error. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ { "detail": "Missing required attribute in body", "meta": {}, "source": { "header": "Authorization", "parameter": "limit", "pointer": "/data/attributes/title" }, "status": "400", "title": "Bad Request" } ] } ``` {% /tab %} {% /tab %} {% tab title="429" %} Too many requests {% tab title="Model" %} API error response. | Field | Type | Description | | ------------------------ | -------- | ----------------- | | errors [*required*] | [string] | A list of errors. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} ### Code Example ##### \# Curl command curl -X GET "https://api.datadoghq.com/api/v2/security/vulnerabilities" \ -H "Accept: application/json" \ -H "DD-API-KEY: ${DD_API_KEY}" \ -H "DD-APPLICATION-KEY: ${DD_APP_KEY}" ##### ```python """ List vulnerabilities returns "OK" response """ from datadog_api_client import ApiClient, Configuration from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi from datadog_api_client.v2.model.asset_type import AssetType from datadog_api_client.v2.model.vulnerability_severity import VulnerabilitySeverity from datadog_api_client.v2.model.vulnerability_tool import VulnerabilityTool configuration = Configuration() configuration.unstable_operations["list_vulnerabilities"] = True with ApiClient(configuration) as api_client: api_instance = SecurityMonitoringApi(api_client) response = api_instance.list_vulnerabilities( filter_cvss_base_severity=VulnerabilitySeverity.HIGH, filter_tool=VulnerabilityTool.INFRA, filter_asset_type=AssetType.SERVICE, ) print(response) ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=python) and then save the example to `example.py` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" python3 "example.py" ##### ```ruby # List vulnerabilities returns "OK" response require "datadog_api_client" DatadogAPIClient.configure do |config| config.unstable_operations["v2.list_vulnerabilities".to_sym] = true end api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new opts = { filter_cvss_base_severity: VulnerabilitySeverity::HIGH, filter_asset_type: AssetType::SERVICE, filter_tool: VulnerabilityTool::INFRA, } p api_instance.list_vulnerabilities(opts) ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=ruby) and then save the example to `example.rb` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" rb "example.rb" ##### ```go // List vulnerabilities returns "OK" response package main import ( "context" "encoding/json" "fmt" "os" "github.com/DataDog/datadog-api-client-go/v2/api/datadog" "github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" ) func main() { ctx := datadog.NewDefaultContext(context.Background()) configuration := datadog.NewConfiguration() configuration.SetUnstableOperationEnabled("v2.ListVulnerabilities", true) apiClient := datadog.NewAPIClient(configuration) api := datadogV2.NewSecurityMonitoringApi(apiClient) resp, r, err := api.ListVulnerabilities(ctx, *datadogV2.NewListVulnerabilitiesOptionalParameters().WithFilterCvssBaseSeverity(datadogV2.VULNERABILITYSEVERITY_HIGH).WithFilterAssetType(datadogV2.ASSETTYPE_SERVICE).WithFilterTool(datadogV2.VULNERABILITYTOOL_INFRA)) if err != nil { fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.ListVulnerabilities`: %v\n", err) fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) } responseContent, _ := json.MarshalIndent(resp, "", " ") fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.ListVulnerabilities`:\n%s\n", responseContent) } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=go) and then save the example to `main.go` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" go run "main.go" ##### ```java // List vulnerabilities returns "OK" response import com.datadog.api.client.ApiClient; import com.datadog.api.client.ApiException; import com.datadog.api.client.v2.api.SecurityMonitoringApi; import com.datadog.api.client.v2.api.SecurityMonitoringApi.ListVulnerabilitiesOptionalParameters; import com.datadog.api.client.v2.model.AssetType; import com.datadog.api.client.v2.model.ListVulnerabilitiesResponse; import com.datadog.api.client.v2.model.VulnerabilitySeverity; import com.datadog.api.client.v2.model.VulnerabilityTool; public class Example { public static void main(String[] args) { ApiClient defaultClient = ApiClient.getDefaultApiClient(); defaultClient.setUnstableOperationEnabled("v2.listVulnerabilities", true); SecurityMonitoringApi apiInstance = new SecurityMonitoringApi(defaultClient); try { ListVulnerabilitiesResponse result = apiInstance.listVulnerabilities( new ListVulnerabilitiesOptionalParameters() .filterCvssBaseSeverity(VulnerabilitySeverity.HIGH) .filterAssetType(AssetType.SERVICE) .filterTool(VulnerabilityTool.INFRA)); System.out.println(result); } catch (ApiException e) { System.err.println("Exception when calling SecurityMonitoringApi#listVulnerabilities"); System.err.println("Status code: " + e.getCode()); System.err.println("Reason: " + e.getResponseBody()); System.err.println("Response headers: " + e.getResponseHeaders()); e.printStackTrace(); } } } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=java) and then save the example to `Example.java` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" java "Example.java" ##### ```rust // List vulnerabilities returns "OK" response use datadog_api_client::datadog; use datadog_api_client::datadogV2::api_security_monitoring::ListVulnerabilitiesOptionalParams; use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAPI; use datadog_api_client::datadogV2::model::AssetType; use datadog_api_client::datadogV2::model::VulnerabilitySeverity; use datadog_api_client::datadogV2::model::VulnerabilityTool; #[tokio::main] async fn main() { let mut configuration = datadog::Configuration::new(); configuration.set_unstable_operation_enabled("v2.ListVulnerabilities", true); let api = SecurityMonitoringAPI::with_config(configuration); let resp = api .list_vulnerabilities( ListVulnerabilitiesOptionalParams::default() .filter_cvss_base_severity(VulnerabilitySeverity::HIGH) .filter_asset_type(AssetType::SERVICE) .filter_tool(VulnerabilityTool::INFRA), ) .await; if let Ok(value) = resp { println!("{:#?}", value); } else { println!("{:#?}", resp.unwrap_err()); } } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=rust) and then save the example to `src/main.rs` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" cargo run ##### ```typescript /** * List vulnerabilities returns "OK" response */ import { client, v2 } from "@datadog/datadog-api-client"; const configuration = client.createConfiguration(); configuration.unstableOperations["v2.listVulnerabilities"] = true; const apiInstance = new v2.SecurityMonitoringApi(configuration); const params: v2.SecurityMonitoringApiListVulnerabilitiesRequest = { filterCvssBaseSeverity: "High", filterTool: "Infra", filterAssetType: "Service", }; apiInstance .listVulnerabilities(params) .then((data: v2.ListVulnerabilitiesResponse) => { console.log( "API called successfully. Returned data: " + JSON.stringify(data) ); }) .catch((error: any) => console.error(error)); ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=typescript) and then save the example to `example.ts` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" tsc "example.ts" {% /tab %}