Entwickler-Referenz

Schwachstelleninformationen

Entdecken Sie die API-Dokumentation zu Schwachstelleninformationen, Anfrageparameter, Antwortfelder, Codebeispiele und Fehlerbehandlung für DomScan-Integrationen.

Schwachstelleninformationen

Findet offengelegte Software, riskante Konfigurationen und bekannte betroffene Versionen auf einer öffentlichen Website. Jedes Ergebnis erklärt, was geprüft wurde, warum eine Übereinstimmung vorliegt und wie belastbar die Nachweise sind.

Prüfumfang und Quellen: Ein Ergebnis ohne Befund kann weder beweisen, dass eine Anwendung frei von Schwachstellen ist, noch einen autorisierten Penetrationstest ersetzen.
GET /v1/vulnerabilities

Abfrageparameter

Parameter Typ erforderlich
url string optional
domain string optional
mode string optional

Antwort-Felder

Feld Typ
target object
target.requested_url string
target.final_url string
target.hostname string
scan object
scan.mode string
scan.status string
scan.checked_at string
scan.duration_ms integer
scan.disclaimer string
summary object
summary.posture string
summary.risk_level string
summary.finding_count integer
summary.version_affected_count integer
summary.misconfiguration_count integer
summary.urgent_count integer
summary.severity_counts object
findings[] object[]
findings[] object
findings[].fingerprint string
findings[].classification string
findings[].severity string
findings[].priority string
findings[].title string
findings[].summary string
findings[].component object
findings[].component.technology_id string
findings[].component.name string
findings[].component.detected_version string
findings[].component.version_kind string
findings[].component.confidence string
findings[].component.confidence_score integer
findings[].component.ecosystem string
findings[].component.package string
findings[].component.purl string
findings[].advisory object
findings[].advisory.id string
findings[].advisory.aliases[] string[]
findings[].advisory.cves[] string[]
findings[].advisory.published_at string | null
findings[].advisory.modified_at string | null
findings[].advisory.cvss[] object[]
findings[].advisory.cvss[] object
findings[].advisory.cvss[].type string
findings[].advisory.cvss[].vector string
findings[].advisory.fixed_versions[] string[]
findings[].advisory.affected_ranges[] object[]
findings[].advisory.affected_ranges[] object
findings[].advisory.references[] string[]
findings[].exploitation object
findings[].exploitation.cisa_kev boolean | null
findings[].exploitation.kev_added_at string | null
findings[].exploitation.kev_required_action string | null
findings[].exploitation.known_ransomware_use string | null
findings[].exploitation.epss_probability number | null
findings[].exploitation.epss_percentile number | null
findings[].exploitation.epss_date string | null
findings[].evidence object
findings[].evidence.confidence string
findings[].evidence.observed[] string[]
findings[].evidence.limitations[] string[]
findings[].remediation object
findings[].remediation.summary string
findings[].remediation.fixed_versions[] string[]
findings[].sources[] string[]
components[] object[]
components[] object
components[].technology_id string
components[].name string
components[].detected_version string | null
components[].version_kind string | null
components[].confidence string
components[].advisory_status string
components[].matched_advisories integer
coverage object
coverage.target_response string
coverage.technology_detection string
coverage.package_advisories string
coverage.known_exploitation string
coverage.exploitation_probability string
coverage.detected_components integer
coverage.versioned_components integer
coverage.advisory_eligible_components integer
coverage.advisory_checked_components integer
coverage.advisory_deferred_components integer
coverage.advisory_query_limit integer
coverage.relay_used boolean
coverage.limitations[] string[]
sources[] object[]
sources[] object
sources[].id string
sources[].name string
sources[].owner string
sources[].url string
sources[].status string
sources[].retrieved_at string | null
sources[].cache_hit boolean
sources[].expected_freshness string
sources[].fallback_behavior string
sources[].cost string
_meta object

Beispielanfrage

curl -H "X-API-Key: $DOMSCAN_API_KEY" "https://domscan.net/v1/vulnerabilities?url=https%3A%2F%2Fexample.com&domain=example.com&mode=example.com"

Beispielantwort

{
  "target": {
    "requested_url": "https://example.com",
    "final_url": "https://example.com",
    "hostname": "string"
  },
  "scan": {
    "mode": "standard",
    "status": "complete",
    "checked_at": "2026-04-15T12:00:00Z",
    "duration_ms": 1,
    "disclaimer": "string"
  },
  "summary": {
    "posture": "action_required",
    "risk_level": "critical",
    "finding_count": 1,
    "version_affected_count": 1,
    "misconfiguration_count": 1,
    "urgent_count": 1,
    "severity_counts": {}
  },
  "findings": [
    {
      "fingerprint": "string",
      "classification": "version_affected",
      "severity": "critical",
      "priority": "urgent",
      "title": "string",
      "summary": "string",
      "component": {
        "technology_id": "string",
        "name": "string",
        "detected_version": "string",
        "version_kind": "product",
        "confidence": "high",
        "confidence_score": 1,
        "ecosystem": "string",
        "package": "string",
        "purl": "https://example.com"
      },
      "advisory": {
        "id": "string",
        "aliases": [
          "string"
        ],
        "cves": [
          "string"
        ],
        "published_at": "2026-04-15T12:00:00Z",
        "modified_at": "2026-04-15T12:00:00Z",
        "cvss": [
          {
            "type": "string",
            "vector": "string"
          }
        ],
        "fixed_versions": [
          "string"
        ],
        "affected_ranges": [
          {}
        ],
        "references": [
          "https://example.com"
        ]
      },
      "exploitation": {
        "cisa_kev": true,
        "kev_added_at": "2026-04-15",
        "kev_required_action": "string",
        "known_ransomware_use": "string",
        "epss_probability": 1,
        "epss_percentile": 1,
        "epss_date": "2026-04-15"
      },
      "evidence": {
        "confidence": "high",
        "observed": [
          "string"
        ],
        "limitations": [
          "string"
        ]
      },
      "remediation": {
        "summary": "string",
        "fixed_versions": [
          "string"
        ]
      },
      "sources": [
        "osv"
      ]
    }
  ],
  "components": [
    {
      "technology_id": "string",
      "name": "string",
      "detected_version": "string",
      "version_kind": "string",
      "confidence": "high",
      "advisory_status": "checked",
      "matched_advisories": 1
    }
  ],
  "coverage": {
    "target_response": "string",
    "technology_detection": "string",
    "package_advisories": "string",
    "known_exploitation": "string",
    "exploitation_probability": "string",
    "detected_components": 1,
    "versioned_components": 1,
    "advisory_eligible_components": 1,
    "advisory_checked_components": 1,
    "advisory_deferred_components": 1,
    "advisory_query_limit": 1,
    "relay_used": true,
    "limitations": [
      "string"
    ]
  },
  "sources": [
    {
      "id": "string",
      "name": "string",
      "owner": "string",
      "url": "https://example.com",
      "status": "string",
      "retrieved_at": "2026-04-15T12:00:00Z",
      "cache_hit": true,
      "expected_freshness": "string",
      "fallback_behavior": "string",
      "cost": "none"
    }
  ],
  "_meta": {}
}