Language

English Français 日本語 한국어 Español

Datadog Site

Site help
US1 US3 US5 EU AP1 AP2 US1-FED US2-FED

List vulnerabilities

copy Copy pageCopied

Note: This endpoint is deprecated. See the List Security Findings endpoint.

GET https://api.ap1.datadoghq.com/api/v2/security/vulnerabilitieshttps://api.ap2.datadoghq.com/api/v2/security/vulnerabilitieshttps://api.datadoghq.eu/api/v2/security/vulnerabilitieshttps://api.ddog-gov.com/api/v2/security/vulnerabilitieshttps://api.us2.ddog-gov.com/api/v2/security/vulnerabilitieshttps://api.datadoghq.com/api/v2/security/vulnerabilitieshttps://api.us3.datadoghq.com/api/v2/security/vulnerabilitieshttps://api.us5.datadoghq.com/api/v2/security/vulnerabilities

Overview

Get a list of vulnerabilities.

Pagination

Pagination is enabled by default in both vulnerabilities and assets. The size of the page varies depending on the endpoint and cannot be modified. To automate the request of the next page, you can use the links section in the response.

This endpoint will return paginated responses. The pages are stored in the links section of the response:

{
  "data": [...],
  "meta": {...},
  "links": {
    "self": "https://.../api/v2/security/vulnerabilities",
    "first": "https://.../api/v2/security/vulnerabilities?page[number]=1&page[token]=abc",
    "last": "https://.../api/v2/security/vulnerabilities?page[number]=43&page[token]=abc",
    "next": "https://.../api/v2/security/vulnerabilities?page[number]=2&page[token]=abc"
  }
}
  • links.previous is empty if the first page is requested.
  • links.next is empty if the last page is requested.

Token

Vulnerabilities can be created, updated or deleted at any point in time.

Upon the first request, a token is created to ensure consistency across subsequent paginated requests.

A token is valid only for 24 hours.

First request

We consider a request to be the first request when there is no page[token] parameter.

The response of this first request contains the newly created token in the links section.

This token can then be used in the subsequent paginated requests.

Note: The first request may take longer to complete than subsequent requests.

Subsequent requests

Any request containing valid page[token] and page[number] parameters will be considered a subsequent request.

If the token is invalid, a 404 response will be returned.

If the page number is invalid, a 400 response will be returned.

The returned token is valid for all requests in the pagination sequence. To send paginated requests in parallel, reuse the same token and change only the page[number] parameter.

Filtering

The request can include some filter parameters to filter the data to be retrieved. The format of the filter parameters follows the JSON:API format: filter[$prop_name], where prop_name is the property name in the entity being filtered by.

All filters can include multiple values, where data will be filtered with an OR clause: filter[title]=Title1,Title2 will filter all vulnerabilities where title is equal to Title1 OR Title2.

String filters are case sensitive.

Boolean filters accept true or false as values.

Number filters must include an operator as a second filter input: filter[$prop_name][$operator]. For example, for the vulnerabilities endpoint: filter[cvss.base.score][lte]=8.

Available operators are: eq (==), lt (<), lte (<=), gt (>) and gte (>=).

Metadata

Following JSON:API format, object including non-standard meta-information.

This endpoint includes the meta member in the response. For more details on each of the properties included in this section, check the endpoints response tables.

{
  "data": [...],
  "meta": {
    "total": 1500,
    "count": 18732,
    "token": "some_token"
  },
  "links": {...}
}

Extensions

Requests may include extensions to modify the behavior of the requested endpoint. The filter parameters follow the JSON:API format format: ext:$extension_name, where extension_name is the name of the modifier that is being applied.

Extensions can only include one value: ext:modifier=value.

This endpoint requires the appsec_vm_read permission.

Arguments

Query Strings

Name

Type

Description

page[token]

string

Its value must come from the links section of the response of the first request. Do not manually edit it.

page[number]

integer

The page number to be retrieved. It should be equal or greater than 1

filter[type]

enum

Filter by vulnerability type.
Allowed enum values: AdminConsoleActive, CodeInjection, CommandInjection, ComponentWithKnownVulnerability, DangerousWorkflows, DefaultAppDeployed, DefaultHtmlEscapeInvalid, DirectoryListingLeak, EmailHtmlInjection, EndOfLife

Show 32 more, HardcodedPassword, HardcodedSecret, HeaderInjection, HstsHeaderMissing, InsecureAuthProtocol, InsecureCookie, InsecureJspLayout, LdapInjection, MaliciousPackage, MandatoryRemediation, NoHttpOnlyCookie, NoSameSiteCookie, NoSqlMongoDbInjection, PathTraversal, ReflectionInjection, RiskyLicense, SessionRewriting, SessionTimeout, SqlInjection, Ssrf, StackTraceLeak, TrustBoundaryViolation, Unmaintained, UntrustedDeserialization, UnvalidatedRedirect, VerbTampering, WeakCipher, WeakHash, WeakRandomness, XContentTypeHeaderMissing, XPathInjection, Xss

filter[cvss.base.score][`$op`]

number

Filter by vulnerability base (i.e. from the original advisory) severity score.

filter[cvss.base.severity]

enum

Filter by vulnerability base severity.
Allowed enum values: Unknown, None, Low, Medium, High, Critical

filter[cvss.base.vector]

string

Filter by vulnerability base CVSS vector.

filter[cvss.datadog.score][`$op`]

number

Filter by vulnerability Datadog severity score.

filter[cvss.datadog.severity]

enum

Filter by vulnerability Datadog severity.
Allowed enum values: Unknown, None, Low, Medium, High, Critical

filter[cvss.datadog.vector]

string

Filter by vulnerability Datadog CVSS vector.

filter[status]

enum

Filter by the status of the vulnerability.
Allowed enum values: Open, Muted, Remediated, InProgress, AutoClosed

filter[tool]

enum

Filter by the tool of the vulnerability.
Allowed enum values: IAST, SCA, Infra, SAST

filter[library.name]

string

Filter by library name.

filter[library.version]

string

Filter by library version.

filter[advisory.id]

string

Filter by advisory ID.

filter[risks.exploitation_probability]

boolean

Filter by exploitation probability.

filter[risks.poc_exploit_available]

boolean

Filter by POC exploit availability.

filter[risks.exploit_available]

boolean

Filter by public exploit availability.

filter[risks.epss.score][`$op`]

number

Filter by vulnerability EPSS severity score.

filter[risks.epss.severity]

enum

Filter by vulnerability EPSS severity.
Allowed enum values: Unknown, None, Low, Medium, High, Critical

filter[language]

string

Filter by language.

filter[ecosystem]

enum

Filter by ecosystem.
Allowed enum values: PyPI, Maven, NuGet, Npm, RubyGems, Go, Packagist, Deb, Rpm, Apk

Show 6 more, Windows, Generic, MacOs, Oci, BottleRocket, None

filter[code_location.location]

string

Filter by vulnerability location.

filter[code_location.file_path]

string

Filter by vulnerability file path.

filter[code_location.method]

string

Filter by method.

filter[fix_available]

boolean

Filter by fix availability.

filter[repo_digests]

string

Filter by vulnerability repo_digest (when the vulnerability is related to Image asset).

filter[origin]

string

Filter by origin.

filter[running_kernel]

boolean

Filter for whether the vulnerability affects a running kernel (for vulnerabilities related to a Host asset).

filter[asset.name]

string

Filter by asset name. This field supports the usage of wildcards (*).

filter[asset.type]

enum

Filter by asset type.
Allowed enum values: Repository, Service, Host, HostImage, Image

filter[asset.version.first]

string

Filter by the first version of the asset this vulnerability has been detected on.

filter[asset.version.last]

string

Filter by the last version of the asset this vulnerability has been detected on.

filter[asset.repository_url]

string

Filter by the repository url associated to the asset.

filter[asset.risks.in_production]

boolean

Filter whether the asset is in production or not.

filter[asset.risks.under_attack]

boolean

Filter whether the asset is under attack or not.

filter[asset.risks.is_publicly_accessible]

boolean

Filter whether the asset is publicly accessible or not.

filter[asset.risks.has_privileged_access]

boolean

Filter whether the asset is publicly accessible or not.

filter[asset.risks.has_access_to_sensitive_data]

boolean

Filter whether the asset has access to sensitive data or not.

filter[asset.environments]

string

Filter by asset environments.

filter[asset.teams]

string

Filter by asset teams.

filter[asset.arch]

string

Filter by asset architecture.

filter[asset.operating_system.name]

string

Filter by asset operating system name.

filter[asset.operating_system.version]

string

Filter by asset operating system version.

Response

OK

The expected response schema when listing vulnerabilities.

Expand All

Field

Type

Description

data [required]

[object]

List of vulnerabilities.

attributes [required]

object

The JSON:API attributes of the vulnerability.

advisory

object

Advisory associated with the vulnerability.

id [required]

string

Vulnerability advisory ID.

last_modification_date

string

Vulnerability advisory last modification date.

publish_date

string

Vulnerability advisory publish date.

advisory_id

string

Vulnerability advisory ID.

code_location

object

Code vulnerability location.

file_path

string

Vulnerability location file path.

location [required]

string

Vulnerability extracted location.

method

string

Vulnerability location method.

cve_list [required]

[string]

Vulnerability CVE list.

cvss [required]

object

Vulnerability severities.

base [required]

object

Vulnerability severity.

score [required]

double

Vulnerability severity score.

severity [required]

enum

The vulnerability severity. Allowed enum values: Unknown,None,Low,Medium,High,Critical

vector [required]

string

Vulnerability CVSS vector.

datadog [required]

object

Vulnerability severity.

score [required]

double

Vulnerability severity score.

severity [required]

enum

The vulnerability severity. Allowed enum values: Unknown,None,Low,Medium,High,Critical

vector [required]

string

Vulnerability CVSS vector.

dependency_locations

object

Static library vulnerability location.

block [required]

object

Static library vulnerability location.

column_end [required]

int64

Location column end.

column_start [required]

int64

Location column start.

file_name [required]

string

Location file name.

line_end [required]

int64

Location line end.

line_start [required]

int64

Location line start.

name

object

Static library vulnerability location.

column_end [required]

int64

Location column end.

column_start [required]

int64

Location column start.

file_name [required]

string

Location file name.

line_end [required]

int64

Location line end.

line_start [required]

int64

Location line start.

version

object

Static library vulnerability location.

column_end [required]

int64

Location column end.

column_start [required]

int64

Location column start.

file_name [required]

string

Location file name.

line_end [required]

int64

Location line end.

line_start [required]

int64

Location line start.

description [required]

string

Vulnerability description.

ecosystem

enum

The related vulnerability asset ecosystem. Allowed enum values: PyPI,Maven,NuGet,Npm,RubyGems,Go,Packagist,Deb,Rpm,Apk

Show 6 more,Windows,Generic,MacOs,Oci,BottleRocket,None

exposure_time [required]

int64

Vulnerability exposure time in seconds.

first_detection [required]

string

First detection of the vulnerability in RFC 3339 format

fix_available [required]

boolean

Whether the vulnerability has a remediation or not.

language [required]

string

Vulnerability language.

last_detection [required]

string

Last detection of the vulnerability in RFC 3339 format

library

object

Vulnerability library.

additional_names

[string]

Related library or package names (such as child packages or affected binary paths).

name [required]

string

Vulnerability library name.

version

string

Vulnerability library version.

origin [required]

[string]

Vulnerability origin.

remediations [required]

[object]

List of remediations.

auto_solvable [required]

boolean

Whether the vulnerability can be resolved when recompiling the package or not.

avoided_advisories [required]

[object]

Avoided advisories.

base_severity [required]

string

Advisory base severity.

id [required]

string

Advisory id.

severity

string

Advisory Datadog severity.

fixed_advisories [required]

[object]

Remediation fixed advisories.

base_severity [required]

string

Advisory base severity.

id [required]

string

Advisory id.

severity

string

Advisory Datadog severity.

library_name [required]

string

Library name remediating the vulnerability.

library_version [required]

string

Library version remediating the vulnerability.

new_advisories [required]

[object]

New advisories.

base_severity [required]

string

Advisory base severity.

id [required]

string

Advisory id.

severity

string

Advisory Datadog severity.

remaining_advisories [required]

[object]

Remaining advisories.

base_severity [required]

string

Advisory base severity.

id [required]

string

Advisory id.

severity

string

Advisory Datadog severity.

type [required]

string

Remediation type.

repo_digests

[string]

Vulnerability repo_digest list (when the vulnerability is related to Image asset).

risks [required]

object

Vulnerability risks.

epss

object

Vulnerability EPSS severity.

score [required]

double

Vulnerability EPSS severity score.

severity [required]

enum

The vulnerability severity. Allowed enum values: Unknown,None,Low,Medium,High,Critical

exploit_available [required]

boolean

Vulnerability public exploit availability.

exploit_sources [required]

[string]

Vulnerability exploit sources.

exploitation_probability [required]

boolean

Vulnerability exploitation probability.

poc_exploit_available [required]

boolean

Vulnerability POC exploit availability.

running_kernel

boolean

True if the vulnerability affects a package in the host’s running kernel, false if it affects a non-running kernel, and omit if it is not kernel-related.

status [required]

enum

The vulnerability status. Allowed enum values: Open,Muted,Remediated,InProgress,AutoClosed

title [required]

string

Vulnerability title.

tool [required]

enum

The vulnerability tool. Allowed enum values: IAST,SCA,Infra,SAST

type [required]

enum

The vulnerability type. Allowed enum values: AdminConsoleActive,CodeInjection,CommandInjection,ComponentWithKnownVulnerability,DangerousWorkflows,DefaultAppDeployed,DefaultHtmlEscapeInvalid,DirectoryListingLeak,EmailHtmlInjection,EndOfLife

Show 32 more,HardcodedPassword,HardcodedSecret,HeaderInjection,HstsHeaderMissing,InsecureAuthProtocol,InsecureCookie,InsecureJspLayout,LdapInjection,MaliciousPackage,MandatoryRemediation,NoHttpOnlyCookie,NoSameSiteCookie,NoSqlMongoDbInjection,PathTraversal,ReflectionInjection,RiskyLicense,SessionRewriting,SessionTimeout,SqlInjection,Ssrf,StackTraceLeak,TrustBoundaryViolation,Unmaintained,UntrustedDeserialization,UnvalidatedRedirect,VerbTampering,WeakCipher,WeakHash,WeakRandomness,XContentTypeHeaderMissing,XPathInjection,Xss

id [required]

string

The unique ID for this vulnerability.

relationships [required]

object

Related entities object.

affects [required]

object

Relationship type.

data [required]

object

Asset affected by this vulnerability.

id [required]

string

The unique ID for this related asset.

type [required]

enum

The JSON:API type. Allowed enum values: assets

type [required]

enum

The JSON:API type. Allowed enum values: vulnerabilities

links

object

The JSON:API links related to pagination.

first [required]

string

First page link.

last [required]

string

Last page link.

next

string

Next page link.

previous

string

Previous page link.

self [required]

string

Request link.

meta

object

The metadata related to this request.

count [required]

int64

Number of entities included in the response.

token [required]

string

The token that identifies the request.

total [required]

int64

Total number of entities across all pages.

{
  "data": [
    {
      "attributes": {
        "advisory": {
          "id": "TRIVY-CVE-2023-0615",
          "last_modification_date": "2024-09-19T21:23:08.000Z",
          "publish_date": "2024-09-19T21:23:08.000Z"
        },
        "advisory_id": "TRIVY-CVE-2023-0615",
        "code_location": {
          "file_path": "src/Class.java:100",
          "location": "com.example.Class:100",
          "method": "FooBar"
        },
        "cve_list": [
          "CVE-2023-0615"
        ],
        "cvss": {
          "base": {
            "score": 4.5,
            "severity": "Medium",
            "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
          },
          "datadog": {
            "score": 4.5,
            "severity": "Medium",
            "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
          }
        },
        "dependency_locations": {
          "block": {
            "column_end": 140,
            "column_start": 5,
            "file_name": "src/go.mod",
            "line_end": 10,
            "line_start": 1
          },
          "name": {
            "column_end": 140,
            "column_start": 5,
            "file_name": "src/go.mod",
            "line_end": 10,
            "line_start": 1
          },
          "version": {
            "column_end": 140,
            "column_start": 5,
            "file_name": "src/go.mod",
            "line_end": 10,
            "line_start": 1
          }
        },
        "description": "LDAP Injection is a security vulnerability that occurs when untrusted user input is improperly handled and directly incorporated into LDAP queries without appropriate sanitization or validation. This vulnerability enables attackers to manipulate LDAP queries and potentially gain unauthorized access, modify data, or extract sensitive information from the directory server. By exploiting the LDAP injection vulnerability, attackers can execute malicious commands, bypass authentication mechanisms, and perform unauthorized actions within the directory service.",
        "ecosystem": "string",
        "exposure_time": 5618604,
        "first_detection": "2024-09-19T21:23:08.000Z",
        "fix_available": false,
        "language": "ubuntu",
        "last_detection": "2024-09-01T21:23:08.000Z",
        "library": {
          "additional_names": [
            "linux-tools-common"
          ],
          "name": "linux-aws-5.15",
          "version": "5.15.0"
        },
        "origin": [
          "agentless-scanner"
        ],
        "remediations": [
          {
            "auto_solvable": false,
            "avoided_advisories": [
              {
                "base_severity": "Critical",
                "id": "GHSA-4wrc-f8pq-fpqp",
                "severity": "Medium"
              }
            ],
            "fixed_advisories": [
              {
                "base_severity": "Critical",
                "id": "GHSA-4wrc-f8pq-fpqp",
                "severity": "Medium"
              }
            ],
            "library_name": "stdlib",
            "library_version": "Upgrade to a version >= 1.20.0",
            "new_advisories": [
              {
                "base_severity": "Critical",
                "id": "GHSA-4wrc-f8pq-fpqp",
                "severity": "Medium"
              }
            ],
            "remaining_advisories": [
              {
                "base_severity": "Critical",
                "id": "GHSA-4wrc-f8pq-fpqp",
                "severity": "Medium"
              }
            ],
            "type": "text"
          }
        ],
        "repo_digests": [
          "sha256:0ae7da091191787229d321e3638e39c319a97d6e20f927d465b519d699215bf7"
        ],
        "risks": {
          "epss": {
            "score": 0.2,
            "severity": "Medium"
          },
          "exploit_available": false,
          "exploit_sources": [
            "NIST"
          ],
          "exploitation_probability": false,
          "poc_exploit_available": false
        },
        "running_kernel": true,
        "status": "Open",
        "title": "LDAP Injection",
        "tool": "SCA",
        "type": "WeakCipher"
      },
      "id": "3ecdfea798f2ce8f6e964805a344945f",
      "relationships": {
        "affects": {
          "data": {
            "id": "Repository|github.com/DataDog/datadog-agent.git",
            "type": "assets"
          }
        }
      },
      "type": "vulnerabilities"
    }
  ],
  "links": {
    "first": "https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Bnumber%5D=1\u0026page%5Btoken%5D=b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4",
    "last": "https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Bnumber%5D=15\u0026page%5Btoken%5D=b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4",
    "next": "https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Bnumber%5D=16\u0026page%5Btoken%5D=b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4",
    "previous": "https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Bnumber%5D=14\u0026page%5Btoken%5D=b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4",
    "self": "https://api.datadoghq.com/api/v2/security/vulnerabilities?filter%5Btool%5D=Infra"
  },
  "meta": {
    "count": 150,
    "token": "b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4",
    "total": 152431
  }
}

Bad request: The server cannot process the request due to invalid syntax in the request.

API error response.

Expand All

Field

Type

Description

errors [required]

[object]

A list of errors.

detail

string

A human-readable explanation specific to this occurrence of the error.

meta

object

Non-standard meta-information about the error

source

object

References to the source of the error.

header

string

A string indicating the name of a single request header which caused the error.

parameter

string

A string indicating which URI query parameter caused the error.

pointer

string

A JSON pointer to the value in the request document that caused the error.

status

string

Status code of the response.

title

string

Short human-readable summary of the error.

{
  "errors": [
    {
      "detail": "Missing required attribute in body",
      "meta": {},
      "source": {
        "header": "Authorization",
        "parameter": "limit",
        "pointer": "/data/attributes/title"
      },
      "status": "400",
      "title": "Bad Request"
    }
  ]
}

Forbidden: Access denied

API error response.

Expand All

Field

Type

Description

errors [required]

[object]

A list of errors.

detail

string

A human-readable explanation specific to this occurrence of the error.

meta

object

Non-standard meta-information about the error

source

object

References to the source of the error.

header

string

A string indicating the name of a single request header which caused the error.

parameter

string

A string indicating which URI query parameter caused the error.

pointer

string

A JSON pointer to the value in the request document that caused the error.

status

string

Status code of the response.

title

string

Short human-readable summary of the error.

{
  "errors": [
    {
      "detail": "Missing required attribute in body",
      "meta": {},
      "source": {
        "header": "Authorization",
        "parameter": "limit",
        "pointer": "/data/attributes/title"
      },
      "status": "400",
      "title": "Bad Request"
    }
  ]
}

Not found: There is no request associated with the provided token.

API error response.

Expand All

Field

Type

Description

errors [required]

[object]

A list of errors.

detail

string

A human-readable explanation specific to this occurrence of the error.

meta

object

Non-standard meta-information about the error

source

object

References to the source of the error.

header

string

A string indicating the name of a single request header which caused the error.

parameter

string

A string indicating which URI query parameter caused the error.

pointer

string

A JSON pointer to the value in the request document that caused the error.

status

string

Status code of the response.

title

string

Short human-readable summary of the error.

{
  "errors": [
    {
      "detail": "Missing required attribute in body",
      "meta": {},
      "source": {
        "header": "Authorization",
        "parameter": "limit",
        "pointer": "/data/attributes/title"
      },
      "status": "400",
      "title": "Bad Request"
    }
  ]
}

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Code Example

                  # Curl command
curl -X GET "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.us2.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/security/vulnerabilities" \
-H "Accept: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}"

                
"""
List vulnerabilities returns "OK" response
"""

from datadog_api_client import ApiClient, Configuration
from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi
from datadog_api_client.v2.model.asset_type import AssetType
from datadog_api_client.v2.model.vulnerability_severity import VulnerabilitySeverity
from datadog_api_client.v2.model.vulnerability_tool import VulnerabilityTool

configuration = Configuration()
configuration.unstable_operations["list_vulnerabilities"] = True
with ApiClient(configuration) as api_client:
    api_instance = SecurityMonitoringApi(api_client)
    response = api_instance.list_vulnerabilities(
        filter_cvss_base_severity=VulnerabilitySeverity.HIGH,
        filter_tool=VulnerabilityTool.INFRA,
        filter_asset_type=AssetType.SERVICE,
    )

    print(response)

Instructions

First install the library and its dependencies and then save the example to example.py and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" python3 "example.py"
# List vulnerabilities returns "OK" response

require "datadog_api_client"
DatadogAPIClient.configure do |config|
  config.unstable_operations["v2.list_vulnerabilities".to_sym] = true
end
api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new
opts = {
  filter_cvss_base_severity: VulnerabilitySeverity::HIGH,
  filter_asset_type: AssetType::SERVICE,
  filter_tool: VulnerabilityTool::INFRA,
}
p api_instance.list_vulnerabilities(opts)

Instructions

First install the library and its dependencies and then save the example to example.rb and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" rb "example.rb"
// List vulnerabilities returns "OK" response

package main

import (
	"context"
	"encoding/json"
	"fmt"
	"os"

	"github.com/DataDog/datadog-api-client-go/v2/api/datadog"
	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
)

func main() {
	ctx := datadog.NewDefaultContext(context.Background())
	configuration := datadog.NewConfiguration()
	configuration.SetUnstableOperationEnabled("v2.ListVulnerabilities", true)
	apiClient := datadog.NewAPIClient(configuration)
	api := datadogV2.NewSecurityMonitoringApi(apiClient)
	resp, r, err := api.ListVulnerabilities(ctx, *datadogV2.NewListVulnerabilitiesOptionalParameters().WithFilterCvssBaseSeverity(datadogV2.VULNERABILITYSEVERITY_HIGH).WithFilterAssetType(datadogV2.ASSETTYPE_SERVICE).WithFilterTool(datadogV2.VULNERABILITYTOOL_INFRA))

	if err != nil {
		fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.ListVulnerabilities`: %v\n", err)
		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
	}

	responseContent, _ := json.MarshalIndent(resp, "", "  ")
	fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.ListVulnerabilities`:\n%s\n", responseContent)
}

Instructions

First install the library and its dependencies and then save the example to main.go and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" go run "main.go"
// List vulnerabilities returns "OK" response

import com.datadog.api.client.ApiClient;
import com.datadog.api.client.ApiException;
import com.datadog.api.client.v2.api.SecurityMonitoringApi;
import com.datadog.api.client.v2.api.SecurityMonitoringApi.ListVulnerabilitiesOptionalParameters;
import com.datadog.api.client.v2.model.AssetType;
import com.datadog.api.client.v2.model.ListVulnerabilitiesResponse;
import com.datadog.api.client.v2.model.VulnerabilitySeverity;
import com.datadog.api.client.v2.model.VulnerabilityTool;

public class Example {
  public static void main(String[] args) {
    ApiClient defaultClient = ApiClient.getDefaultApiClient();
    defaultClient.setUnstableOperationEnabled("v2.listVulnerabilities", true);
    SecurityMonitoringApi apiInstance = new SecurityMonitoringApi(defaultClient);

    try {
      ListVulnerabilitiesResponse result =
          apiInstance.listVulnerabilities(
              new ListVulnerabilitiesOptionalParameters()
                  .filterCvssBaseSeverity(VulnerabilitySeverity.HIGH)
                  .filterAssetType(AssetType.SERVICE)
                  .filterTool(VulnerabilityTool.INFRA));
      System.out.println(result);
    } catch (ApiException e) {
      System.err.println("Exception when calling SecurityMonitoringApi#listVulnerabilities");
      System.err.println("Status code: " + e.getCode());
      System.err.println("Reason: " + e.getResponseBody());
      System.err.println("Response headers: " + e.getResponseHeaders());
      e.printStackTrace();
    }
  }
}

Instructions

First install the library and its dependencies and then save the example to Example.java and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" java "Example.java"
// List vulnerabilities returns "OK" response
use datadog_api_client::datadog;
use datadog_api_client::datadogV2::api_security_monitoring::ListVulnerabilitiesOptionalParams;
use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAPI;
use datadog_api_client::datadogV2::model::AssetType;
use datadog_api_client::datadogV2::model::VulnerabilitySeverity;
use datadog_api_client::datadogV2::model::VulnerabilityTool;

#[tokio::main]
async fn main() {
    let mut configuration = datadog::Configuration::new();
    configuration.set_unstable_operation_enabled("v2.ListVulnerabilities", true);
    let api = SecurityMonitoringAPI::with_config(configuration);
    let resp = api
        .list_vulnerabilities(
            ListVulnerabilitiesOptionalParams::default()
                .filter_cvss_base_severity(VulnerabilitySeverity::HIGH)
                .filter_asset_type(AssetType::SERVICE)
                .filter_tool(VulnerabilityTool::INFRA),
        )
        .await;
    if let Ok(value) = resp {
        println!("{:#?}", value);
    } else {
        println!("{:#?}", resp.unwrap_err());
    }
}

Instructions

First install the library and its dependencies and then save the example to src/main.rs and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" cargo run
/**
 * List vulnerabilities returns "OK" response
 */

import { client, v2 } from "@datadog/datadog-api-client";

const configuration = client.createConfiguration();
configuration.unstableOperations["v2.listVulnerabilities"] = true;
const apiInstance = new v2.SecurityMonitoringApi(configuration);

const params: v2.SecurityMonitoringApiListVulnerabilitiesRequest = {
  filterCvssBaseSeverity: "High",
  filterTool: "Infra",
  filterAssetType: "Service",
};

apiInstance
  .listVulnerabilities(params)
  .then((data: v2.ListVulnerabilitiesResponse) => {
    console.log(
      "API called successfully. Returned data: " + JSON.stringify(data)
    );
  })
  .catch((error: any) => console.error(error));

Instructions

First install the library and its dependencies and then save the example to example.ts and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" tsc "example.ts"