Getting Started

Vulnpatch provides a REST API for querying security vulnerabilities across multiple sources and ecosystems. This guide will help you get started with the API.

Base URL

All API endpoints are available at:

https://api.vulnpatch.dev/api/v1/

Quick Start

Query Vulnerabilities for a Package

bash

# Get OSV vulnerabilities for curl (38+ ecosystems)
curl https://api.vulnpatch.dev/api/v1/osv/curl

# Get OSV vulnerabilities with ecosystem filter
curl "https://api.vulnpatch.dev/api/v1/osv/express?ecosystem=npm"

Get Nixpkgs Tracker Issues

Nixpkgs-Specific

The /nix/stats and /issues endpoints return data only from the Nixpkgs security tracker. For multi-ecosystem data, use /osv/:package.

bash

# Get aggregate statistics across all sources
curl https://api.vulnpatch.dev/api/v1/stats

# Get Nixpkgs-specific statistics
curl https://api.vulnpatch.dev/api/v1/nix/stats

# Get Nixpkgs tracker issues
curl https://api.vulnpatch.dev/api/v1/issues

# Search across all CVE sources
curl "https://api.vulnpatch.dev/api/v1/search?q=curl"

Response Format

All API responses follow a consistent JSON format:

json

{
  "success": true,
  "data": { ... },
  "timestamp": "2024-01-15T12:00:00.000Z"
}

Error responses include an error message:

json

{
  "success": false,
  "error": "Error description"
}

Next Steps

Rate Limits - Understand rate limiting
Data Sources - Learn about our data sources
API Reference - Full API documentation

Getting Started ​

Base URL ​

Quick Start ​

Query Vulnerabilities for a Package ​

Get Nixpkgs Tracker Issues ​

Response Format ​

Next Steps ​