List Issues For Many Package URLs

This endpoint is not available to all customers. If you are interested please contact support. Query issues for a batch of packages identified by Package URL (purl). Only direct vulnerabilities are returned, transitive vulnerabilities (from dependencies) are not returned because they can vary depending on context.

Parameters

Parameter	Description
Organization ID	Unique identifier for an organization.
Package URLs	A comma-separated list of Package URLs (purl). Supported purl types are apk, cargo, cocoapods, composer, deb, gem, generic, hex, maven, npm, nuget, pypi, rpm, and swift. A version for the package is also required.

Example Output

{
	"data": [
		{
			"attributes": {
				"coordinates": [
					{
						"remedies": [
							{
								"description": "Upgrade the package version to 5.4.0,6.4.0 to fix this vulnerability",
								"details": {
									"upgrade_package": "5.4.0,6.4.0"
								},
								"type": "indeterminate"
							}
						],
						"representations": [
							{
								"resource_path": ",5.4.0),[6.0.0.pr1,6.4.0)"
							}
						]
					}
				],
				"created_at": "2022-06-16T13:51:13Z",
				"description": "## Overview\\n\\n\\nAffected versions of this package are vulnerable to XML External Entity (XXE) Injection.",
				"effective_severity_level": "info",
				"problems": [
					{
						"disclosed_at": "1970-01-01T00:00:00.000Z",
						"discovered_at": "1970-01-01T00:00:00.000Z",
						"id": "CWE-61",
						"source": "CVE",
						"updated_at": "1970-01-01T00:00:00.000Z",
						"url": "http://example.com"
					}
				],
				"severities": [
					{
						"level": "medium",
						"score": 5.3,
						"source": "Snyk",
						"vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
					}
				],
				"slots": {
					"disclosure_time": "2022-06-16T13:51:13Z",
					"exploit": "Not Defined",
					"publication_time": "2022-06-16T14:00:24.315507Z",
					"references": [
						{
							"title": "string",
							"url": "string"
						}
					]
				},
				"title": "XML External Entity (XXE) Injection",
				"type": "package_vulnerability",
				"updated_at": "2022-06-16T14:00:24.315507Z"
			},
			"id": "SNYK-JAVA-COMFASTERXMLWOODSTOX-2928754",
			"type": "issue"
		}
	],
	"jsonapi": {
		"version": "1.0"
	},
	"links": {
		"first": "https://example.com/api/resource?ending_before=v1.eyJpZCI6IjExIn0K",
		"last": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjMwIn0K",
		"next": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjEwIn0K"
	}
}

Workflow Library Example

List Issues for Many Package Urls with Snyk and Send Results Via Email

Preview this Workflow on desktop

On this page

Parameters
Example Output
Workflow Library Example

Parameters

Parameter	Description
Organization ID	Unique identifier for an organization.
Package URLs	A comma-separated list of Package URLs (purl). Supported purl types are apk, cargo, cocoapods, composer, deb, gem, generic, hex, maven, npm, nuget, pypi, rpm, and swift. A version for the package is also required.

Example Output

{
	"data": [
		{
			"attributes": {
				"coordinates": [
					{
						"remedies": [
							{
								"description": "Upgrade the package version to 5.4.0,6.4.0 to fix this vulnerability",
								"details": {
									"upgrade_package": "5.4.0,6.4.0"
								},
								"type": "indeterminate"
							}
						],
						"representations": [
							{
								"resource_path": ",5.4.0),[6.0.0.pr1,6.4.0)"
							}
						]
					}
				],
				"created_at": "2022-06-16T13:51:13Z",
				"description": "## Overview\\n\\n\\nAffected versions of this package are vulnerable to XML External Entity (XXE) Injection.",
				"effective_severity_level": "info",
				"problems": [
					{
						"disclosed_at": "1970-01-01T00:00:00.000Z",
						"discovered_at": "1970-01-01T00:00:00.000Z",
						"id": "CWE-61",
						"source": "CVE",
						"updated_at": "1970-01-01T00:00:00.000Z",
						"url": "http://example.com"
					}
				],
				"severities": [
					{
						"level": "medium",
						"score": 5.3,
						"source": "Snyk",
						"vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
					}
				],
				"slots": {
					"disclosure_time": "2022-06-16T13:51:13Z",
					"exploit": "Not Defined",
					"publication_time": "2022-06-16T14:00:24.315507Z",
					"references": [
						{
							"title": "string",
							"url": "string"
						}
					]
				},
				"title": "XML External Entity (XXE) Injection",
				"type": "package_vulnerability",
				"updated_at": "2022-06-16T14:00:24.315507Z"
			},
			"id": "SNYK-JAVA-COMFASTERXMLWOODSTOX-2928754",
			"type": "issue"
		}
	],
	"jsonapi": {
		"version": "1.0"
	},
	"links": {
		"first": "https://example.com/api/resource?ending_before=v1.eyJpZCI6IjExIn0K",
		"last": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjMwIn0K",
		"next": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjEwIn0K"
	}
}

Workflow Library Example

List Issues for Many Package Urls with Snyk and Send Results Via Email

Preview this Workflow on desktop

On this page

Parameters
Example Output
Workflow Library Example

List Issues For Many Package URLs

Parameters

Example Output

Workflow Library Example

Case Management

Automated Case Management

Case Management Dashboard

Case Management Interface

Triggers & Actions

Case Management Settings

List Issues For Many Package URLs

Parameters

Example Output

Workflow Library Example

​Parameters

​Example Output

​Workflow Library Example

Case Management

Automated Case Management

Case Management Dashboard

Case Management Interface

Triggers & Actions

Case Management Settings

​Parameters

​Example Output

​Workflow Library Example

Parameters

Example Output

Workflow Library Example

Parameters

Example Output

Workflow Library Example