Cves module


Route:
/v1/vigiles/cves/<cve_id> Methods: "GET"

Prime  Search CVE info by CVE id

Parameters:
  • cve_id (str) – ID of the cve to search for
  • request_data (JSON object) –

    Data sent with request with keys:

    "email"
    Email of user sending the request
    "fields"
    Fields to return in search results. Valid fields: “affected_configurations”, “assigner”, “description”, “identifier”, “impact”, “modified”, “problem_types”, “published”, “references”
Returns:

search_results – Results of search with keys: “affected_configurations”, “assigner”, “description”, “identifier”, “impact”, “modified”, “problem_types”, “published”, “references”

Return type:

JSON object


Route:
/v1/vigiles/cves Methods: "GET"

Prime  Search for CVEs with a product name and version

Parameters:request_data (JSON object ['str', 'str']) –

Data sent with request with keys:

"email"
Email of user sending the request
"product"
CPE Product (package name) to get CVEs for
"version"
Version of package to get CVEs for
"ids_only"
If True, an array of CVE ids will be returned
Returns:cves – An array of CVE ids is returned if “ids_only” is true. Otherwise, a dictionary with CVE information will be returned
Return type:array(object)

Folders module


Route:
/v1/vigiles/folders Methods: "GET"

Prime  Get an array of folder information that can be filtered by product token

If no product token is given, all folders that the user owns will be returned.

Parameters:request_data (JSON object) –

Data sent with request with keys:

"email"
Email of user sending the request
"product_token", optional
Token of the product to get folders from
Returns:folder_tokens – Array of folder information objects with keys: “folder_token”, “folder_name”, “folder_description”, “creation_date”, “product_token”
Return type:array(object)

Manifests module


Route:
/v1/vigiles/manifests/<token> Methods: "DELETE"

Prime  Delete a manifest with a given token

Parameters:
  • token (str) – The token of the manifest to delete
  • request_data ("JSON object") –

    Data sent with request with keys:

    "email"
    Email of user sending the request
Returns:

response – Results with keys:

"success"

True if successful, False otherwise

"message"

Message describing response

Return type:

JSON object


Route:
/v1/vigiles/manifests/<token>/reports/latest Methods: "GET"

Prime  Get the latest CVE report results from a given manifest token

Parameters:
  • token (str) – The token of the manifest to get the latest scan results from
  • request_data ("JSON object") –

    Data sent with request with keys:

    "email"
    Email of user sending the request
    "filtered"
    True to apply all configured filters to scan results, False to apply only kernel and uboot config filters. Default: False
    "with_field"
    Optionally extend CVE data included in report with one of the following fields (parameter can be repeated):
    ”assigner”, “description”, “impact”, “modified”, “problem_types”, “published”, “references”
Returns:

scan_results – Results of scan with keys:

"manifest_token"

Token of the manifest

"product_token"

Token of the product that the manifest belongs to

"folder_token"

Token of the folder that the manifest is in

"cves"

Array of objects containing information about CVEs found in the scan

"counts"

Object containing counts with keys: fixed, kernel, toolchain, unapplied, unfixed, upgradable, whitelisted

"date"

Date of the scan

"report_path"

URL where the report can be viewed

Return type:

JSON object


Route:
/v1/vigiles/manifests/<token> Methods: "GET"

Prime  Get information about a manifest with a given token

Parameters:request_data (JSON object) –

Data sent with request with keys:

"email"
Email of the user sending the request
"send_file"
If true, a manifest file will be sent
"sbom_format"
convert manifest to this format before returning. acceptable formats are:
”spdx”
Returns:
  • manifest_info (array(object) or file)
  • Array of manifest information objects with keys – “manifest_token”, “manifest_name”, “folder_token”, “product_token”, “upload_date”, “manifest_data”

Route:
/v1/vigiles/manifests Methods: "GET"

Prime  Get an array of manifests information from a product or folder.

Only either a product token or folder token should be given. If neither are given, all manifests that the user owns will be returned including manifests in shared products

Parameters:request_data (JSON object ['str', 'str']) –

Data sent with request with keys:

"email"
Email of user sending the request
"product_token", optional
Token of the product to get manifests from
"folder_token", optional
Token of the folder to get manifests from
Returns:manifests – Array of product information objects with keys: “manifest_name”, “manifest_token”, “product_token”, “folder_token”, “upload_date”
Return type:array(object)

Route:
/v1/vigiles/manifests/<token>/reports Methods: "GET"

Prime  Get an array of CVE Reports available for a given manifest

Parameters:
  • token (str) – The token of the manifest to list reports for
  • request_data

    Query parameters sent with the request:

    "email"
    Email of user sending the request
Returns:

result – Object containing the manifest info and array of available reports "manifest_name"

The name of the manifest for which these reports were requested

"manifest_token"

Token of the manifest for which these reports were requested

"product_token"

Token for the Product this manifest belongs to

"folder_token"

Token for the Folder this manifest belongs to, if any

"upload_date"

Date of upload for the manifest these reports are for

"reports" : array(object)

Array of report information objects, sorted by “created_date”, with keys: "created_date"

Date this scan was performed

"report_token"

Token for this report

"manifest_token"

Token of the specific version of the manifest for which this report was genereated”

"manifest_version"

Version of the manifest for which this report was generated

Return type:

object


Route:
/v1/vigiles/manifests/<token>/reports Methods: "POST"

Prime  Rescan a manifest with a given token

Parameters:
  • token (str) – The token of the manifest to get the latest scan results from
  • request_data (JSON object ['str', 'str']) –

    Data sent with request with keys:

    "email"
    Email of user sending the request
    "filtered"
    True to apply all configured filters to scan results, False to apply only kernel and uboot config filters. Default: False
    "rescan_only"
    Anything other than “false” or “f” to only rescan the manifest
    "with_field"
    Optionally extend CVE data included in returned report with one of the following fields (parameter can be repeated):
    ”assigner”, “description”, “impact”, “modified”, “problem_types”, “published”, “references”
Returns:

scan_results – Results of scan with keys:

"cves"

Array of objects containing information about CVEs found in the scan

"counts"

Object containing counts with keys: fixed, kernel, toolchain, unapplied, unfixed, upgradable, whitelisted

"date"

Date of the scan

"product_name"

Name of the product that the manifest belongs to

"product_path"

URL where the product can be viewed

"report_path"

URL where the report can be viewed

Return type:

JSON object


Routes:
/v1/vigiles/manifests Methods: "POST"
/v1/vigiles/manifests/demo Methods: "POST"

Upload manifest and return scan results

Parameters:request_data (JSON object) –

post data with keys:

"manifest"
Manifest data to scan
"email"
Email of user sending the request
"kernel_config"
Kernel config data
"uboot_config"
Uboot config data
"manifest_name"
Name to give the new manifest
"product_token"
Token of the product the manifest should belong to
"folder_token"
Token of the folder where the manifest should be stored
"subfolder_name"
Name of subfolder to upload manifest to
"filter_results"
True to apply all configured filters to scan results, False to apply only kernel and uboot config filters. Default: False
"with_field"
Optionally extend CVE data included in report with one of the following fields (parameter can be repeated):
”assigner”, “description”, “impact”, “modified”, “problem_types”, “published”, “references”
"include_sbom"
Type of exported manifest that should be included in response Default: spdx
Returns:scan_results – Results of scan with keys:
"manifest_token"
Token of the manifest
"product_token"
Token of the product that the manifest belongs to
"folder_token"
Token of the folder that the manifest is in
"cves"
Array of dictionaries containing information about CVEs found in the scan
"counts"
Dictionary containing counts with keys: fixed, kernel, toolchain, unapplied, unfixed, upgradable, whitelisted
"date"
Date of the scan
"report_path"
URL where the report can be viewed
"exported_manifest"
Exported manifest data
Return type:JSON object

Route:
/v1/vigiles/manifests/demo Methods: "POST"

Upload manifest in demo mode and return scan results

Parameters:request_data (JSON object) –

post data with keys:

"manifest"
Manifest data to scan
"kernel_config"
Kernel config data
"uboot_config"
Uboot config data
Returns:Results of scan with keys:
"cves"
dict containing counts of unfixed, fixed and un-applied CVEs found in the scan
"date"
Date of the scan
"report_path"
URL where the report can be viewed
"demo"
Is manifest uploaded in demo mode
"subscribed"
Is user subscribed
Return type:JSON object

Products module


Route:
/v1/vigiles/products Methods: "POST"

Prime  Create a new product for a user

Parameters:
  • product_token (str) – the token of a product
  • request_data (JSON object) –

    Data sent with request with keys:

    "email"
    Email of the user sending the request
    "name"
    Name for the new product
    "desc", optional
    Description for the new product
Returns:

product_info – Results of comparison with keys:

"name"

Name of product

"description"

Description of product

"token"

Token for the product

Return type:

JSON object


Route:
/v1/vigiles/products/<product_token> Methods: "GET"

Prime  Get information about a product from a given token

Parameters:
  • product_token (str) – Token of the product
  • request_data (JSON object) –

    Data sent with request with keys:

    "email"
    Email of user sending the request
Returns:

product_info – Results of comparison with keys:

"name"

Name of product

"description"

Description of product

"token"

Token for the product

"is_default"

True if product is default product for user, otherwise False

"created"

Date that the product was created

Return type:

JSON object


Route:
/v1/vigiles/products Methods: "GET"

Prime  Get information about all products for a user

Parameters:request_data (JSON object) –

Data sent with request with keys:

"email"
Email of the user sending the request
Returns:product_info – Array of product information objects with keys: “name”, “description”, “token”
Return type:list(object)

Reports module


Route:
/v1/vigiles/reports/compare Methods: "GET"

Prime  Compare two CVE reports with given tokens

Parameters:request_data (JSON object) –

Data sent with request with keys:

"token_one"
Token for the first CVE report to compare
"token_two"
Token for the second CVE report to compare
"filtered"
True to apply all configured filters to both reports, False to apply only kernel and uboot config filters. Default: False
Returns:compare_results – Results of comparison with keys:
"resolved"
List of CVEs resolved between the reports
"new"
List new CVEs between the reports
Return type:JSON object

Route:
/v1/vigiles/reports/<token> Methods: "GET"

Prime  Get a CVE report with the given token

Parameters:
  • token (str) – The token of the CVE report to get
  • request_data

    Query parameters sent with the request:

    "email"
    Email of user sending the request
    "format"
    What file format to return from the following:
    ”pdf”, “pdfsummary”, “xlsx”, “csv”
    "filtered"
    True to apply all configured filters to scan results, False to apply only kernel and uboot config filters. Default: False
Returns:

scan_results – CVE Report data as the requested file type

Return type:

file

Stats module


Route:
/v1/heartbeat Methods: "GET", "POST"

This function makes a simple GET request to the LinuxLink server to ensure that the server is available, and that HMAC authentication is working properly.

Returns:
"ok"
True if successful, False otherwise.
Return type:JSON object ['str', 'bool']