Référence Développeur

Veille sur les vulnérabilités

Consultez la documentation de l'API Veille sur les vulnérabilités, ses paramètres de requête, les champs de réponse, les exemples de code et la gestion des erreurs pour les intégrations DomScan.

Veille sur les vulnérabilités

Détectez les logiciels exposés, les configurations risquées et les versions connues comme affectées sur un site web public. Chaque résultat précise les contrôles effectués, la raison de la correspondance et la solidité des preuves.

Couverture et sources: Un résultat sans constat ne prouve pas qu’une application est exempte de vulnérabilités et ne remplace pas un test d’intrusion autorisé.
GET /v1/vulnerabilities

Paramètres de Requête

Paramètre Type requis
url string optionnel
domain string optionnel
mode string optionnel

Champs de Réponse

Champ Type
target object
target.requested_url string
target.final_url string
target.hostname string
scan object
scan.mode string
scan.status string
scan.checked_at string
scan.duration_ms integer
scan.disclaimer string
summary object
summary.posture string
summary.risk_level string
summary.finding_count integer
summary.version_affected_count integer
summary.misconfiguration_count integer
summary.urgent_count integer
summary.severity_counts object
findings[] object[]
findings[] object
findings[].fingerprint string
findings[].classification string
findings[].severity string
findings[].priority string
findings[].title string
findings[].summary string
findings[].component object
findings[].component.technology_id string
findings[].component.name string
findings[].component.detected_version string
findings[].component.version_kind string
findings[].component.confidence string
findings[].component.confidence_score integer
findings[].component.ecosystem string
findings[].component.package string
findings[].component.purl string
findings[].advisory object
findings[].advisory.id string
findings[].advisory.aliases[] string[]
findings[].advisory.cves[] string[]
findings[].advisory.published_at string | null
findings[].advisory.modified_at string | null
findings[].advisory.cvss[] object[]
findings[].advisory.cvss[] object
findings[].advisory.cvss[].type string
findings[].advisory.cvss[].vector string
findings[].advisory.fixed_versions[] string[]
findings[].advisory.affected_ranges[] object[]
findings[].advisory.affected_ranges[] object
findings[].advisory.references[] string[]
findings[].exploitation object
findings[].exploitation.cisa_kev boolean | null
findings[].exploitation.kev_added_at string | null
findings[].exploitation.kev_required_action string | null
findings[].exploitation.known_ransomware_use string | null
findings[].exploitation.epss_probability number | null
findings[].exploitation.epss_percentile number | null
findings[].exploitation.epss_date string | null
findings[].evidence object
findings[].evidence.confidence string
findings[].evidence.observed[] string[]
findings[].evidence.limitations[] string[]
findings[].remediation object
findings[].remediation.summary string
findings[].remediation.fixed_versions[] string[]
findings[].sources[] string[]
components[] object[]
components[] object
components[].technology_id string
components[].name string
components[].detected_version string | null
components[].version_kind string | null
components[].confidence string
components[].advisory_status string
components[].matched_advisories integer
coverage object
coverage.target_response string
coverage.technology_detection string
coverage.package_advisories string
coverage.known_exploitation string
coverage.exploitation_probability string
coverage.detected_components integer
coverage.versioned_components integer
coverage.advisory_eligible_components integer
coverage.advisory_checked_components integer
coverage.advisory_deferred_components integer
coverage.advisory_query_limit integer
coverage.relay_used boolean
coverage.limitations[] string[]
sources[] object[]
sources[] object
sources[].id string
sources[].name string
sources[].owner string
sources[].url string
sources[].status string
sources[].retrieved_at string | null
sources[].cache_hit boolean
sources[].expected_freshness string
sources[].fallback_behavior string
sources[].cost string
_meta object

Exemple de Requête

curl -H "X-API-Key: $DOMSCAN_API_KEY" "https://domscan.net/v1/vulnerabilities?url=https%3A%2F%2Fexample.com&domain=example.com&mode=example.com"

Exemple de Réponse

{
  "target": {
    "requested_url": "https://example.com",
    "final_url": "https://example.com",
    "hostname": "string"
  },
  "scan": {
    "mode": "standard",
    "status": "complete",
    "checked_at": "2026-04-15T12:00:00Z",
    "duration_ms": 1,
    "disclaimer": "string"
  },
  "summary": {
    "posture": "action_required",
    "risk_level": "critical",
    "finding_count": 1,
    "version_affected_count": 1,
    "misconfiguration_count": 1,
    "urgent_count": 1,
    "severity_counts": {}
  },
  "findings": [
    {
      "fingerprint": "string",
      "classification": "version_affected",
      "severity": "critical",
      "priority": "urgent",
      "title": "string",
      "summary": "string",
      "component": {
        "technology_id": "string",
        "name": "string",
        "detected_version": "string",
        "version_kind": "product",
        "confidence": "high",
        "confidence_score": 1,
        "ecosystem": "string",
        "package": "string",
        "purl": "https://example.com"
      },
      "advisory": {
        "id": "string",
        "aliases": [
          "string"
        ],
        "cves": [
          "string"
        ],
        "published_at": "2026-04-15T12:00:00Z",
        "modified_at": "2026-04-15T12:00:00Z",
        "cvss": [
          {
            "type": "string",
            "vector": "string"
          }
        ],
        "fixed_versions": [
          "string"
        ],
        "affected_ranges": [
          {}
        ],
        "references": [
          "https://example.com"
        ]
      },
      "exploitation": {
        "cisa_kev": true,
        "kev_added_at": "2026-04-15",
        "kev_required_action": "string",
        "known_ransomware_use": "string",
        "epss_probability": 1,
        "epss_percentile": 1,
        "epss_date": "2026-04-15"
      },
      "evidence": {
        "confidence": "high",
        "observed": [
          "string"
        ],
        "limitations": [
          "string"
        ]
      },
      "remediation": {
        "summary": "string",
        "fixed_versions": [
          "string"
        ]
      },
      "sources": [
        "osv"
      ]
    }
  ],
  "components": [
    {
      "technology_id": "string",
      "name": "string",
      "detected_version": "string",
      "version_kind": "string",
      "confidence": "high",
      "advisory_status": "checked",
      "matched_advisories": 1
    }
  ],
  "coverage": {
    "target_response": "string",
    "technology_detection": "string",
    "package_advisories": "string",
    "known_exploitation": "string",
    "exploitation_probability": "string",
    "detected_components": 1,
    "versioned_components": 1,
    "advisory_eligible_components": 1,
    "advisory_checked_components": 1,
    "advisory_deferred_components": 1,
    "advisory_query_limit": 1,
    "relay_used": true,
    "limitations": [
      "string"
    ]
  },
  "sources": [
    {
      "id": "string",
      "name": "string",
      "owner": "string",
      "url": "https://example.com",
      "status": "string",
      "retrieved_at": "2026-04-15T12:00:00Z",
      "cache_hit": true,
      "expected_freshness": "string",
      "fallback_behavior": "string",
      "cost": "none"
    }
  ],
  "_meta": {}
}