# API v1

(OpenAPI)=

[PyVulnerabilityLookup](https://github.com/vulnerability-lookup/PyVulnerabilityLookup)
is a Python library to access Vulnerability-Lookup via its REST API.

## OpenAPI specification

```{openapi} _static/files/swagger.json
```

## Response format

All list endpoints return a paginated response with the following structure:

```json
{
    "metadata": {
        "count": 42,
        "page": 1,
        "per_page": 10
    },
    "data": []
}
```

## Examples

### Vulnerabilities

Looking up a vulnerability by ID:

```bash
$ curl -X 'GET' 'http://127.0.0.1:10001/api/vulnerability/cve-2024-38063' -H 'accept: application/json'
```

Cross-source correlation — retrieving all advisories linked to a given vulnerability:

```bash
$ curl -X 'GET' 'http://127.0.0.1:10001/api/vulnerability/cve-2024-38063/links' -H 'accept: application/json'
```

### Comments

Getting the list of comments:

```bash
$ curl -X 'GET' 'http://127.0.0.1:10001/api/comment/' -H 'accept: application/json'
```

Getting the list of comments made by a specific author:

```bash
$ curl -X 'GET' 'http://127.0.0.1:10001/api/comment/?author=john' -H 'accept: application/json'
```

Getting the list of comments related to a vulnerability:

```bash
$ curl -X 'GET' 'http://127.0.0.1:10001/api/comment/?vuln_id=cve-2024-38063' -H 'accept: application/json'
```

Getting the list of comments that are related to a Proof of Concept:

```bash
$ curl -X 'GET' 'http://127.0.0.1:10001/api/comment/?meta=[{"tags":["PoC"]}]' -H 'accept: application/json'
```

### Bundles

Getting the list of bundles:

```bash
$ curl -X 'GET' 'http://127.0.0.1:10001/api/bundle/' -H 'accept: application/json'
```

### Sightings

Getting the list of sightings:

```bash
$ curl -X 'GET' 'http://127.0.0.1:10001/api/sighting/' -H 'accept: application/json'
```

Getting sightings for a specific vulnerability:

```bash
$ curl -X 'GET' 'http://127.0.0.1:10001/api/sighting/?vuln_id=cve-2024-38063' -H 'accept: application/json'
```

### KEV (Known Exploited Vulnerabilities)

Getting the list of KEV entries (BCP-07 format):

```bash
$ curl -X 'GET' 'http://127.0.0.1:10001/api/kev/' -H 'accept: application/json'
```