開発者向けリファレンス

脆弱性インテリジェンス

DomScan APIで公開ウェブサイトに露出しているソフトウェア、リスクのある設定、既知の影響対象バージョンを検出します。各結果には、確認した項目、一致した理由、証拠の確度が示されます。

脆弱性インテリジェンス

公開ウェブサイトに露出しているソフトウェア、リスクのある設定、既知の影響対象バージョンを検出します。各結果には、確認した項目、一致した理由、証拠の確度が示されます。

検査範囲と情報源: 問題が検出されなかった結果でも、アプリケーションに脆弱性がないことを証明したり、許可を得たペネトレーションテストの代わりになったりするものではありません。
GET /v1/vulnerabilities

クエリパラメータ

パラメータ タイプ 必須
url string オプション
domain string オプション
mode string オプション

レスポンスフィールド

フィールド タイプ
target object
target.requested_url string
target.final_url string
target.hostname string
scan object
scan.mode string
scan.status string
scan.checked_at string
scan.duration_ms integer
scan.disclaimer string
summary object
summary.posture string
summary.risk_level string
summary.finding_count integer
summary.version_affected_count integer
summary.misconfiguration_count integer
summary.urgent_count integer
summary.severity_counts object
findings[] object[]
findings[] object
findings[].fingerprint string
findings[].classification string
findings[].severity string
findings[].priority string
findings[].title string
findings[].summary string
findings[].component object
findings[].component.technology_id string
findings[].component.name string
findings[].component.detected_version string
findings[].component.version_kind string
findings[].component.confidence string
findings[].component.confidence_score integer
findings[].component.ecosystem string
findings[].component.package string
findings[].component.purl string
findings[].advisory object
findings[].advisory.id string
findings[].advisory.aliases[] string[]
findings[].advisory.cves[] string[]
findings[].advisory.published_at string | null
findings[].advisory.modified_at string | null
findings[].advisory.cvss[] object[]
findings[].advisory.cvss[] object
findings[].advisory.cvss[].type string
findings[].advisory.cvss[].vector string
findings[].advisory.fixed_versions[] string[]
findings[].advisory.affected_ranges[] object[]
findings[].advisory.affected_ranges[] object
findings[].advisory.references[] string[]
findings[].exploitation object
findings[].exploitation.cisa_kev boolean | null
findings[].exploitation.kev_added_at string | null
findings[].exploitation.kev_required_action string | null
findings[].exploitation.known_ransomware_use string | null
findings[].exploitation.epss_probability number | null
findings[].exploitation.epss_percentile number | null
findings[].exploitation.epss_date string | null
findings[].evidence object
findings[].evidence.confidence string
findings[].evidence.observed[] string[]
findings[].evidence.limitations[] string[]
findings[].remediation object
findings[].remediation.summary string
findings[].remediation.fixed_versions[] string[]
findings[].sources[] string[]
components[] object[]
components[] object
components[].technology_id string
components[].name string
components[].detected_version string | null
components[].version_kind string | null
components[].confidence string
components[].advisory_status string
components[].matched_advisories integer
coverage object
coverage.target_response string
coverage.technology_detection string
coverage.package_advisories string
coverage.known_exploitation string
coverage.exploitation_probability string
coverage.detected_components integer
coverage.versioned_components integer
coverage.advisory_eligible_components integer
coverage.advisory_checked_components integer
coverage.advisory_deferred_components integer
coverage.advisory_query_limit integer
coverage.relay_used boolean
coverage.limitations[] string[]
sources[] object[]
sources[] object
sources[].id string
sources[].name string
sources[].owner string
sources[].url string
sources[].status string
sources[].retrieved_at string | null
sources[].cache_hit boolean
sources[].expected_freshness string
sources[].fallback_behavior string
sources[].cost string
_meta object

リクエスト例

curl -H "X-API-Key: $DOMSCAN_API_KEY" "https://domscan.net/v1/vulnerabilities?url=https%3A%2F%2Fexample.com&domain=example.com&mode=example.com"

レスポンス例

{
  "target": {
    "requested_url": "https://example.com",
    "final_url": "https://example.com",
    "hostname": "string"
  },
  "scan": {
    "mode": "standard",
    "status": "complete",
    "checked_at": "2026-04-15T12:00:00Z",
    "duration_ms": 1,
    "disclaimer": "string"
  },
  "summary": {
    "posture": "action_required",
    "risk_level": "critical",
    "finding_count": 1,
    "version_affected_count": 1,
    "misconfiguration_count": 1,
    "urgent_count": 1,
    "severity_counts": {}
  },
  "findings": [
    {
      "fingerprint": "string",
      "classification": "version_affected",
      "severity": "critical",
      "priority": "urgent",
      "title": "string",
      "summary": "string",
      "component": {
        "technology_id": "string",
        "name": "string",
        "detected_version": "string",
        "version_kind": "product",
        "confidence": "high",
        "confidence_score": 1,
        "ecosystem": "string",
        "package": "string",
        "purl": "https://example.com"
      },
      "advisory": {
        "id": "string",
        "aliases": [
          "string"
        ],
        "cves": [
          "string"
        ],
        "published_at": "2026-04-15T12:00:00Z",
        "modified_at": "2026-04-15T12:00:00Z",
        "cvss": [
          {
            "type": "string",
            "vector": "string"
          }
        ],
        "fixed_versions": [
          "string"
        ],
        "affected_ranges": [
          {}
        ],
        "references": [
          "https://example.com"
        ]
      },
      "exploitation": {
        "cisa_kev": true,
        "kev_added_at": "2026-04-15",
        "kev_required_action": "string",
        "known_ransomware_use": "string",
        "epss_probability": 1,
        "epss_percentile": 1,
        "epss_date": "2026-04-15"
      },
      "evidence": {
        "confidence": "high",
        "observed": [
          "string"
        ],
        "limitations": [
          "string"
        ]
      },
      "remediation": {
        "summary": "string",
        "fixed_versions": [
          "string"
        ]
      },
      "sources": [
        "osv"
      ]
    }
  ],
  "components": [
    {
      "technology_id": "string",
      "name": "string",
      "detected_version": "string",
      "version_kind": "string",
      "confidence": "high",
      "advisory_status": "checked",
      "matched_advisories": 1
    }
  ],
  "coverage": {
    "target_response": "string",
    "technology_detection": "string",
    "package_advisories": "string",
    "known_exploitation": "string",
    "exploitation_probability": "string",
    "detected_components": 1,
    "versioned_components": 1,
    "advisory_eligible_components": 1,
    "advisory_checked_components": 1,
    "advisory_deferred_components": 1,
    "advisory_query_limit": 1,
    "relay_used": true,
    "limitations": [
      "string"
    ]
  },
  "sources": [
    {
      "id": "string",
      "name": "string",
      "owner": "string",
      "url": "https://example.com",
      "status": "string",
      "retrieved_at": "2026-04-15T12:00:00Z",
      "cache_hit": true,
      "expected_freshness": "string",
      "fallback_behavior": "string",
      "cost": "none"
    }
  ],
  "_meta": {}
}