publicdata/nist-gov
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
nist-gov/nvd.nist.gov/general/news/api-20-announcements
Scott Williams 4063bef310 Initital commit.
2025-03-05 18:59:57 +00:00

1058 lines
No EOL
38 KiB
Text
Raw Blame History

<!DOCTYPE html>
<html lang="en">
<head>
<title>NVD - API Transition Guide</title>
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<meta http-equiv="content-style-type" content="text/css" />
<meta http-equiv="content-script-type" content="text/javascript" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<link href="/site-scripts/font-awesome/css/font-awesome.min.css"
type="text/css" rel="stylesheet" />
<link href="/site-media/bootstrap/css/bootstrap.min.css"
type="text/css" rel="stylesheet" />
<link href="/site-media/bootstrap/css/bootstrap-theme.min.css"
type="text/css" rel="stylesheet" />
<link
href="/site-scripts/eonasdan-bootstrap-datetimepicker/build/css/bootstrap-datetimepicker.min.css"
type="text/css" rel="stylesheet" />
<link href="/site-media/css/nist-fonts.css" type="text/css"
rel="stylesheet" />
<link href="/site-media/css/base-style.css" type="text/css"
rel="stylesheet" />
<link href="/site-media/css/media-resize.css" type="text/css"
rel="stylesheet" />
<meta name="theme-color" content="#000000">
<script src="/site-scripts/jquery/dist/jquery.min.js"
type="text/javascript"></script>
<script src="/site-scripts/jquery-visible/jquery.visible.min.js"
type="text/javascript"></script>
<script src="/site-scripts/underscore/underscore-min.js"
type="text/javascript"></script>
<script src="/site-media/bootstrap/js/bootstrap.js"
type="text/javascript"></script>
<script src="/site-scripts/moment/min/moment.min.js"
type="text/javascript"></script>
<script
src="/site-scripts/eonasdan-bootstrap-datetimepicker/build/js/bootstrap-datetimepicker.min.js"
type="text/javascript"></script>
<script src="/site-media/js/megamenu.js" type="text/javascript"></script>
<script src="/site-media/js/nist-exit-script.js"
type="text/javascript"></script>
<script src="/site-media/js/forms.js" type="text/javascript"></script>
<script
src="/site-media/js/federated-analytics.all.min.js?agency=NIST&amp;subagency=nvd&amp;pua=UA-37115410-41&amp;yt=true"
type="text/javascript" id="_fed_an_js_tag"></script>
<!-- Google tag (gtag.js) -->
<script async src="https://www.googletagmanager.com/gtag/js?id=G-4KKFZP12LQ"></script>
<script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-4KKFZP12LQ'); </script>
<style id="antiClickjack">
body>* {
display: none !important;
}
#antiClickjack {
display: block !important;
}
</style>
<noscript>
<style id="antiClickjackNoScript">
body>* {
display: block !important;
}
#antiClickjack {
display: none !important;
}
</style>
</noscript>
<script type="text/javascript" id="antiClickjackScript">
if (self === top) {
// no clickjacking
var antiClickjack = document.getElementById("antiClickjack");
antiClickjack.parentNode.removeChild(antiClickjack);
} else {
setTimeout(tryForward(), 5000);
}
function tryForward() {
top.location = self.location;
}
</script>
<meta charset="UTF-8">
<link href="/site-media/css/nvd-style.css" type="text/css"
rel="stylesheet" />
<link href="/site-media/images/favicons/apple-touch-icon.png"
rel="apple-touch-icon" type="image/png" sizes="180x180" />
<link href="/site-media/images/favicons/favicon-32x32.png"
rel="icon" type="image/png" sizes="32x32" />
<link href="/site-media/images/favicons/favicon-16x16.png"
rel="icon" type="image/png" sizes="16x16" />
<link href="/site-media/images/favicons/manifest.json"
rel="manifest" />
<link href="/site-media/images/favicons/safari-pinned-tab.svg"
rel="mask-icon" color="#000000" />
<link href="/site-media/images/favicons/favicon.ico"
rel="shortcut icon" />
<meta name="msapplication-config" content="/site-media/images/favicons/browserconfig.xml" />
<link href="/site-media/images/favicons/favicon.ico"
rel="shortcut icon" type="image/x-icon" />
<link href="/site-media/images/favicons/favicon.ico" rel="icon"
type="image/x-icon" />
<meta charset="UTF-8">
<link href="/site-media/css/apiKey/api-styles.css" type="text/css" rel="stylesheet"/>
</head>
<body>
<header role="banner" title="Site Banner">
<div id="antiClickjack" style="display: none">
<h1>You are viewing this page in an unauthorized frame window.</h1>
<p>
This is a potential security issue, you are being redirected to
<a href="https://nvd.nist.gov">https://nvd.nist.gov</a>
</p>
</div>
<div>
<section class="usa-banner" aria-label="Official government website">
<div class="usa-accordion container">
<header class="usa-banner__header">
<noscript>
<p style="font-size: 0.85rem; font-weight: bold;">You have JavaScript disabled. This site requires JavaScript to be enabled for complete site functionality.</p>
</noscript>
<img class="usa-banner__header-flag"
src="/site-media/images/usbanner/us_flag_small.png" alt="U.S. flag">
&nbsp;
<span class="usa-banner__header-text">An official website of the United States government</span>
<button id="gov-banner-button" class="usa-accordion__button usa-banner__button" data-toggle="collapse" data-target="#gov-banner" aria-expanded="false" aria-controls="gov-banner">
<span class="usa-banner__button-text">Here's how you know</span>
</button>
</header>
<div class="usa-banner__content usa-accordion__content collapse" role="tabpanel" id="gov-banner" aria-expanded="true">
<div class="row">
<div class="col-md-5 col-sm-12">
<div class="row">
<div class="col-sm-2 col-xs-3">
<img class="usa-banner__icon usa-media-block__img"
src="/site-media/images/usbanner/icon-dot-gov.svg" alt="Dot gov">
</div>
<div class="col-sm-10 col-xs-9">
<p>
<strong>Official websites use .gov</strong>
<br>
A <strong>.gov</strong> website belongs to an official government organization in the United States.
</p>
</div>
</div>
</div>
<div class="col-md-5 col-sm-12">
<div class="row">
<div class="col-sm-2 col-xs-3">
<img class="usa-banner__icon usa-media-block__img"
src="/site-media/images/usbanner/icon-https.svg" alt="Https">
</div>
<div class="col-sm-10 col-xs-9">
<p>
<strong>Secure .gov websites use HTTPS</strong>
<br>
A <strong>lock</strong> (<img class="usa-banner__lock"
src="/site-media/images/usbanner/lock.svg" alt="Dot gov">) or <strong>https://</strong> means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
</p>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
</div>
<div>
<div>
<nav id="navbar" class="navbar">
<div id="nist-menu-container" class="container">
<div class="row">
<!-- Brand -->
<div class="col-xs-6 col-md-4 navbar-header"
style="height:104px">
<a class="navbar-brand"
href="https://www.nist.gov"
target="_blank" rel="noopener noreferrer"
id="navbar-brand-image"
style="padding-top: 36px">
<img alt="National Institute of Standards and Technology"
src="/site-media/images/nist/nist-logo.svg"
width="110" height="30">
</a>
</div>
<div class="col-xs-6 col-md-8 navbar-nist-logo">
<span id="nvd-menu-button" class="pull-right" style="margin-top: 26px"> <a href="#">
<span class="fa fa-bars"></span> <span id="nvd-menu-full-text"><span
class="hidden-xxs">NVD </span>MENU</span>
</a>
</span>
</div>
</div>
</div>
<div class="main-menu-row container">
<!-- Collect the nav links, forms, and other content for toggling -->
<div id="main-menu-drop" class="col-lg-12" style="display: none;">
<ul>
<li><a href="/general"> General <span
class="expander fa fa-plus" id="nvd-header-menu-general"
data-expander-name="general" data-expanded="false"> <span
class="element-invisible">Expand or Collapse</span>
</span>
</a>
<div style="display: none;" class="sub-menu"
data-expander-trigger="general">
<div class="row">
<div class="col-lg-4">
<p>
<a href="/general/nvd-dashboard">NVD Dashboard</a>
</p>
<p>
<a href="https://www.nist.gov/itl/nvd">News and Status Updates</a>
</p>
</div>
<div class="col-lg-4">
<p>
<a href="/general/faq">FAQ</a>
</p>
</div>
<div class="col-lg-4">
<p>
<a href="/general/visualizations">Visualizations</a>
</p>
<p>
<a href="/general/legal-disclaimer">Legal Disclaimer</a>
</p>
</div>
</div>
</div></li>
<li><a href="/vuln"> Vulnerabilities <span
class="expander fa fa-plus"
id="nvd-header-menu-vulnerabilities"
data-expander-name="vulnerabilities" data-expanded="false">
<span class="element-invisible">Expand or Collapse</span>
</span>
</a>
<div style="display: none;" class="sub-menu"
data-expander-trigger="vulnerabilities">
<div class="row">
<div class="col-lg-4">
<p>
<a href="/vuln/search">Search &amp; Statistics</a>
</p>
<p>
<a href="/vuln/categories">Weakness Types</a>
</p>
</div>
<div class="col-lg-4">
<p>
<a href="/vuln/data-feeds">Legacy Data Feeds</a>
</p>
<p>
<a href="/vuln/vendor-comments">Vendor Comments</a>
</p>
</div>
<div class="col-lg-4">
<p>
<a href="/vuln/cvmap">CVMAP</a>
</p>
</div>
</div>
</div></li>
<li><a href="/vuln-metrics/cvss#"> Vulnerability Metrics <span
class="expander fa fa-plus" id="nvd-header-menu-metrics"
data-expander-name="metrics" data-expanded="false"> <span
class="element-invisible">Expand or Collapse</span>
</span>
</a>
<div style="display: none;" class="sub-menu"
data-expander-trigger="metrics">
<div class="row">
<div class="col-lg-4">
<p>
<a href="/vuln-metrics/cvss/v4-calculator">CVSS v4.0
Calculators</a>
</p>
</div>
<div class="col-lg-4">
<p>
<a href="/vuln-metrics/cvss/v3-calculator">CVSS v3.x
Calculators</a>
</p>
</div>
<div class="col-lg-4">
<p>
<a href="/vuln-metrics/cvss/v2-calculator">CVSS v2.0
Calculator</a>
</p>
</div>
</div>
</div></li>
<li><a href="/products"> Products <span
class="expander fa fa-plus" id="nvd-header-menu-products"
data-expander-name="products" data-expanded="false"> <span
class="element-invisible">Expand or Collapse</span>
</span>
</a>
<div style="display: none;" class="sub-menu"
data-expander-trigger="products">
<div class="row">
<div class="col-lg-4">
<p>
<a href="/products/cpe">CPE Dictionary</a>
</p>
<p>
<a href="/products/cpe/search">CPE Search</a>
</p>
</div>
<div class="col-lg-4">
<p>
<a href="/products/cpe/statistics">CPE Statistics</a>
</p>
<p>
<a href="/products/swid">SWID</a>
</p>
</div>
<div class="col-lg-4"></div>
</div>
</div></li>
<li>
<a href="/developers">Developers<span
class="expander fa fa-plus" id="nvd-header-menu-developers"
data-expander-name="developers" data-expanded="false"> <span
class="element-invisible">Expand or Collapse</span>
</span>
</a>
<div style="display: none;" class="sub-menu"
data-expander-trigger="developers">
<div class="row">
<div class="col-lg-4">
<p>
<a href="/developers/start-here">Start Here</a>
</p>
<p>
<a href="/developers/request-an-api-key">Request an API Key</a>
</p>
</div>
<div class="col-lg-4">
<p>
<a href="/developers/vulnerabilities">Vulnerabilities</a>
</p>
<p>
<a href="/developers/products">Products</a>
</p>
</div>
<div class="col-lg-4">
<p>
<a href="/developers/data-sources">Data Sources</a>
</p>
<p>
<a href="/developers/terms-of-use">Terms of Use</a>
</p>
</div>
</div>
</div>
</li>
<li><a href="/contact"> Contact NVD </a></li>
<li><a href="/other"> Other Sites <span
class="expander fa fa-plus" id="nvd-header-menu-othersites"
data-expander-name="otherSites" data-expanded="false"> <span
class="element-invisible">Expand or Collapse</span>
</span>
</a>
<div style="display: none;" class="sub-menu"
data-expander-trigger="otherSites">
<div class="row">
<div class="col-lg-4">
<p>
<a href="https://ncp.nist.gov">Checklist (NCP) Repository</a>
</p>
<p>
<a href="https://ncp.nist.gov/cce">Configurations (CCE)</a>
</p>
<p>
<a href="https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search">800-53 Controls</a>
</p>
</div>
<div class="col-lg-4">
<p>
<a
href="https://csrc.nist.gov/projects/scap-validation-program">SCAP
Validated Tools</a>
</p>
<p>
<a
href="https://csrc.nist.gov/projects/security-content-automation-protocol">SCAP</a>
</p>
</div>
<div class="col-lg-4">
<p>
<a
href="https://csrc.nist.gov/projects/united-states-government-configuration-baseline">USGCB</a>
</p>
</div>
</div>
</div></li>
<li><a href="/search"> Search <span
class="expander fa fa-plus" id="nvd-header-menu-search"
data-expander-name="search" data-expanded="false"> <span
class="element-invisible">Expand or Collapse</span>
</span>
</a>
<div style="display: none;" class="sub-menu"
data-expander-trigger="search">
<div class="row">
<div class="col-lg-4">
<p>
<a href="/vuln/search">Vulnerability Search</a>
</p>
</div>
<div class="col-lg-4">
<p>
<a href="/products/cpe/search">CPE Search</a>
</p>
</div>
</div>
</div></li>
</ul>
</div>
<!-- /#mobile-nav-container -->
</div>
</nav>
<section id="itl-header" class="has-menu">
<div class="container">
<div class="row">
<div class="col-sm-12 col-md-8">
<h2 class="hidden-xs hidden-sm">
<a href="https://www.nist.gov/itl" target="_blank" rel="noopener noreferrer">Information Technology Laboratory</a>
</h2>
<h1 class="hidden-xs hidden-sm">
<a id="nvd-header-link"
href="/">National Vulnerability Database</a>
</h1>
<h1 class="hidden-xs text-center hidden-md hidden-lg"
>National Vulnerability Database</h1>
<h1 class="hidden-sm hidden-md hidden-lg text-center"
>NVD</h1>
</div>
<div class="col-sm-12 col-md-4">
<a style="width: 100%; text-align: center; display: block;padding-top: 14px">
<img id="img-logo-nvd-lg"
alt="National Vulnerability Database"
src="/site-media/images/F_NIST-Logo-NVD-white.svg"
width="500" height="100">
</a>
</div>
</div>
</div>
</section>
</div>
</div>
</header>
<main>
<div>
<div id="body-section" class="container">
<div class="row">
<ol class="breadcrumb">
<li><a href="/general" class="CMSBreadCrumbsLink">General</a><a href="/general/news" class="CMSBreadCrumbsLink">NEWS</a></li>
</ol>
</div>
<div>
<div class="row">
<h2>Your guide to moving from API 1.0 to API 2.0</h2>
<p>
The following information is intended to assist users of the existing 1.0 APIs
transition over to the 2.0 APIs. In September 2022 the 2.0 APIs were released
in an open beta. During the open beta the APIs could contain some bugs and
changes to the schema did not affect versioning. In January 2023, the 2.0 APIs
exited the open beta period. Future changes to the structure of the API schemas will
affect versioning. On December 15th, 2023, the NVD plans to retire all legacy data feeds
and the 1.0 APIs.
</p>
<p>
The 2.0 APIs include new URL paths so that existing automated
processes may continue without interruption until users have transitioned to the
new service. To further assist developers working with the APIs, the NVD is
documenting the best practices for
<a href="/developers/api-workflows">popular workflows</a>.
</p>
<p>
When the 2.0 APIs exited the open beta period, in January 2023, the 1.0 APIs
became deprecated. While deprecated the 1.0 APIs will not receive updates or
product support. Users may still view documentation for the
<a href="/developers/vulnerabilities-1">1.0 Vulnerability<a>
and <a href="/developers/products-1">1.0 Product<a> APIs until they are
<a href="/general/news/change-timeline">retired in December 2023</a>.
</p>
</div>
<div class="row">
<h3>What has changed</h3>
<p>
The APIs have undergone significant backend changes to support increasing requests
from their growing user base. Many of these changes will not be apparent to the public
while others—like a greater default value for <code>resultsPerPage</code>—will
improve the speed of almost every workflow.
</p>
<p>
For many users, the most noticeable changes from 1.0 to 2.0 should include improved
documentation, two new API endpoints providing the public with CPE Match Strings
and Data Source records, twelve new parameters for the CVE API that allow users to
filter requests based on metadata like CISA's Known Exploited Vulnerabilities (KEV), as well
as two new parameters for the CPE API to search for products using their new Universally
Unique Identifiers (UUID).
</p>
<p>
Additional enhancements have been added to make the APIs easier to use and more
secure. Two of these changes make greater use of the request and response headers.
Whereas the 1.0 APIs accepted API Keys in the request's URL query, the 2.0 APIs
require the API key to be passed via the request header in an <code>apiKey</code>
field. In the 2.0 APIs, whenever client errors occur users can examine the response
header for a new field named <code>message</code>. The <code>message</code> field
provides users additional information to aid in debugging.
</p>
<p>
The data in the NVD provides a catalyst for open research, learning, and discovery.
For that reason, the NVD intends to make all data that would be available to users
of the website also available via its APIs. To support this goal, the 2.0 APIs include
significant additions to the default content returned by each API as well as a new
API specifically for CVE Change History. Further supporting
this mission, the CVE and Source APIs identify providers who participate in the
<a href="/vuln/cvmap">Collaborative Vulnerability Metadata Acceptance Process</a>
(CVMAP) as primary sources where applicable.
</p>
<p>
The following table highlights a few of the larger changes between the APIs that
all users should be aware of.
</p>
</div>
<div class="row">
<h4> New approaches to getting information</h4>
<table class="comparison" id="newInformation">
<tbody>
<tr>
<td style="text-align:center; font-size: 1.2rem;">
<p>
<strong>1.0 API </strong>
</p>
</td>
<td style="text-align:center; font-size: 1.2rem;">
<p>
<strong>2.0 API </strong>
</p>
</td>
</tr>
<tr>
<td>
<p>
The 1.0 APIs contained an endpoint used only to request information on
a single CVE and second endpoint for requesting information on a collection
of CVEs. The single CVE API also followed a unique URL pattern by requiring
a CVE-ID to be passed via the URL path, rather than the URL query.
</p>
</td>
<td>
<p>
The single CVE API has not returned in the 2.0 APIs. The sole CVE API now includes
a <code>cveId</code> parameter that returns a specific vulnerability identified
by its unique CVE-ID. The CVE API accepts this parameter in the URL query.
</p>
</td>
</tr>
<tr>
<td>
<p> When making iterative requests for many CVE, such as the initial
population of all CVE for a local database, sorting by the last modified date
may occasionally result in missing CVE. This may happen if new CVE are added
during the iterative requests. Including <code>sortBy=publishDate</code>
with the request avoided these errors.
</p>
</td>
<td>
<p>
The 2.0 API results are always sorted by the CVE publish date regardless of
the parameters selected.
</p>
</td>
</tr>
<tr>
<td>
<p>
The CVE API included parameters that appended additional data or performed
additional backend queries to the CPE dictionary. Because each CVE may have a
dozen or more CPE associated with them, requests for thousands of CVE records
could return such a large amount of data that some requests could become truncated.
Reducing the <code>resultsPerPage</code> was recommended to prevent the data
from being truncated.
</p>
</td>
<td>
<p>
The APIs serve specific uses. The CVE API no longer returns every detail
of every associated CPE and no longer appends optional data. While the CVE API
now offers additional parameters for filtering vulnerabilities associated with
specific CPE, requests focused on CPE records or Match Strings should use the CPE or
CPE Match Criteria APIs. It is also recommended that users of the CVE API use the
default <code>resultsPerPage</code> value. This value has been optimized to allow
the greatest number of results over the fewest number of requests.
</p>
</td>
</tr>
<tr>
<td>
<p>
By default, the CVE API's <code>modStartDate</code> & <code>modEndDate</code> parameters
returned only the records where the CVE information was modified in the specified
time frame.
An optional parameter <code>includeMatchStringChange=true</code> could be passed with the
request to return a collection of CVE where either the vulnerabilities or the associated
CPE were modified in the specified time frame.
</p>
</td>
<td>
<p>
A <a href="/developers/products#divCpeMatch">CPE Match Criteria API<a> has been
released to provide information on valid CPE Match Strings. Along with this new API,
Match Strings can now be identified by a Universally Unique Identifier (UUID). By default,
the CVE API returns this UUID under the configurations object.
</p>
</td>
</tr>
<tr>
<td>
<p>
By default, the CPE API's <code>modStartDate</code> & <code>modEndDate</code>
parameters returned a collection of CPE that were created or modified in the specified
time frame. An optional parameter <code>includeDeprecated=true</code> could be passed
with the request to return a collection of CPE that included CPEs deprecated in the
specified time frame.
</p>
</td>
<td>
<p>
The CPE API now returns all CPE records that match the given request parameters. A new
field in the CPE response object identifies whether the CPE is <span class="json-obj">deprecated</span>.
If the CPE is deprecated the <span class="json-obj">deprecatedBy</span> field will provide
the CPE Name that that replaces it.
</p>
</td>
</tr>
<tr>
<td>
<p>
The CPE API returned an optional <span class="json-obj">deprecatedBy</span>
array whenever a CPE had been deprecated by another.
</p>
</td>
<td>
<p>
The CPE API also returns an optional <span class="json-obj">deprecates</span>
array for relevant CPE records. This addition allows for awareness in either direction
of the deprecation chain.
</p>
</td>
</tr>
<tr>
<td>
<p>
The APIs did not return references to CVE records marked with the "REJECT" or "Rejected"
status. Depending on specific parameters, the lack of these CVE could make it appear that
the API response is missing records.
</p>
</td>
<td>
<p>
In order to provide users with a complete image of the NVD, the CVE API now returns CVE
records marked with the "REJECT" and "Rejected" status. A new parameter <code>noRejected</code>
may be provided with the query to exclude these CVE records from the API response.
<a href="/vuln/vulnerability-status">Click here</a>
for more information on vulnerability statuses.
</p>
</td>
</tr>
<tr>
<td>
<p>
Including <code>apiKey={key value}</code>, (without brackets or spaces) in the URL path
allowed users to make a greater number of requests in a given time than they could otherwise.
</p>
</td>
<td>
<p>
API keys are passed via the request header. For backwards compatibility, the 1.0 APIs
will accept API Keys in either the header or the URL.
</p>
</td>
</tr>
<tr>
<td>
<p>
Timestamps for <code>modStartDate</code>, <code>modEndDate</code>, <code>pubStartDate</code>,
and <code>pubEndDate</code> used a nonstandard datetime format.
</p>
</td>
<td>
<p>
Timestamps for <code>lastModStartDate</code>, <code>lastModEndDate</code>,
<code>pubStartDate</code>, and <code>pubEndDate</code> use the extended ISO-8601 datetime
format. Users may optionally provide an offset from UTC in their requests but datetime
objects in the API response are always returned with a zero offset from UTC.
</p>
</td>
</tr>
</tbody>
</table>
</div>
<br>
<div class="row">
<h4>Renamed and retired parameters</h4>
<p>
Several parameters remain functionally unchanged from the 1.0 APIs but
have been renamed in the 2.0 APIs to better illustrate their purpose.
</p>
</div>
<div class="row">
<table class="comparison" id="renamedParameters">
<tbody>
<tr>
<td></td>
<td style=" text-align:center; font-size: 1.2rem;">
<p>
<strong>1.0 API </strong>
</p>
</td>
<td></td>
<td style="text-align:center; font-size: 1.2rem;">
<p>
<strong>2.0 API </strong>
</p>
</td>
<td></td>
</tr>
<tr>
<td></td>
<td>
<p>
<code>modStartDate</code>
</p>
</td>
<td style="text-align:center; font-size: 1.2rem;">
<img alt="Arrow pointing right"
src="/site-media/images/apiImages/arrow-right.svg">
</td>
<td>
<p>
<code>lastModStartDate</code>
</p>
</td>
<td></td>
</tr>
<tr>
<td></td>
<td>
<p>
<code>modEndDate</code>
</p>
</td>
<td style="text-align:center; font-size: 1.2rem;">
<img alt="Arrow pointing right"
src="/site-media/images/apiImages/arrow-right.svg">
</td>
<td>
<p>
<code>lastModEndDate</code>
</p>
</td>
<td></td>
</tr>
<tr>
<td></td>
<td>
<p>
<code>keyword</code>
</p>
</td>
<td style="text-align:center; font-size: 1.2rem;">
<img alt="Arrow pointing right"
src="/site-media/images/apiImages/arrow-right.svg">
</td>
<td>
<p>
<code>keywordSearch</code>
</p>
</td>
<td></td>
</tr>
<tr>
<td></td>
<td>
<p>
<code>isExactMatch</code>
</p>
</td>
<td style="text-align:center; font-size: 1.2rem;">
<img alt="Arrow pointing right"
src="/site-media/images/apiImages/arrow-right.svg">
</td>
<td>
<p>
<code>keywordExactMatch</code>
</p>
</td>
<td></td>
</tr>
<tr>
<td></td>
<td>
<p>
<code>cpeMatchString</code>
</p>
</td>
<td style="text-align:center; font-size: 1.2rem;">
<img alt="Arrow pointing right"
src="/site-media/images/apiImages/arrow-right.svg">
</td>
<td>
<p>
<code>virtualMatchString</code>
</p>
</td>
<td></td>
</tr>
</tbody>
</table>
</div>
<br>
<div class="row">
<p>For reasons described in the first table, the following 1.0 parameters do not appear in the updated APIs.</p>
<p><strong>CVES API:</strong></p>
<ul>
<li><code>sortBy</code></li>
<li><code>includeMatchStringChange</code></li>
</ul>
<p><strong>CPES API:</strong></p>
<ul>
<li><code>addOns</code></li>
</ul>
</div>
<br>
<div id="userStories" class="row">
<h3>We want to hear from you</h3>
<p>
Is there something you feel we missed on this page? Are you confused about how to
solve a unique transition problem? If you answered yes, please share your user story
by emailing <a href="mailto:nvd@nist.gov">nvd@nist.gov</a>.
Please ensure your user story includes a description of what you are looking to do
(your what) and the problem you are looking to solve (your why).
Please note, while the NVD looks forward to providing you with clear and
valuable transition resources, the NVD does not currently provide code snippets in
any language or code reviews for any user group. The NVD also does not
endorse any code base, repository, user agent, or third-party platforms.
</p>
</div>
<div class="col-md-12 historical-data-area" id="historical-data-area">
<span>
Created
<span id="page-created-date">
<span>September 20, 2022</span>
</span>,
</span>
Updated
<span id="page-updated-date">
<span>August 3, 2023</span>
</span>
</div>
</div>
</div>
</div>
</main>
<footer id="footer" role="contentinfo">
<div class="container">
<div class="row">
<div class="col-sm-12">
<ul class="social-list pull-right">
<li class="field-item service-twitter list-horiz"><a
href="https://twitter.com/NISTCyber" target="_blank" rel="noopener noreferrer"
class="social-btn social-btn--large extlink ext"> <i
class="fa fa-twitter fa-fw"><span class="element-invisible">twitter</span></i><span
class="ext"><span class="element-invisible"> (link
is external)</span></span>
</a></li>
<li class="field-item service-facebook list-horiz"><a
href="https://www.facebook.com/NIST" target="_blank" rel="noopener noreferrer"
class="social-btn social-btn--large extlink ext"> <i
class="fa fa-facebook fa-fw"><span class="element-invisible">facebook</span></i><span
class="ext"><span class="element-invisible"> (link
is external)</span></span></a></li>
<li class="field-item service-linkedin list-horiz"><a
href="https://www.linkedin.com/company/nist" target="_blank" rel="noopener noreferrer"
class="social-btn social-btn--large extlink ext"> <i
class="fa fa-linkedin fa-fw"><span class="element-invisible">linkedin</span></i><span
class="ext"><span class="element-invisible"> (link
is external)</span></span></a></li>
<li class="field-item service-youtube list-horiz"><a
href="https://www.youtube.com/user/USNISTGOV" target="_blank" rel="noopener noreferrer"
class="social-btn social-btn--large extlink ext"> <i
class="fa fa-youtube fa-fw"><span class="element-invisible">youtube</span></i><span
class="ext"><span class="element-invisible"> (link
is external)</span></span></a></li>
<li class="field-item service-rss list-horiz"><a
href="https://www.nist.gov/news-events/nist-rss-feeds"
target="_blank" rel="noopener noreferrer" class="social-btn social-btn--large extlink">
<i class="fa fa-rss fa-fw"><span class="element-invisible">rss</span></i>
</a></li>
<li class="field-item service-govdelivery list-horiz last"><a
href="https://public.govdelivery.com/accounts/USNIST/subscriber/new?qsp=USNIST_3"
target="_blank" rel="noopener noreferrer" class="social-btn social-btn--large extlink ext">
<i class="fa fa-envelope fa-fw"><span
class="element-invisible">govdelivery</span></i><span class="ext"><span
class="element-invisible"> (link is external)</span></span>
</a></li>
</ul>
<span class="hidden-xs"> <a
title="National Institute of Standards and Technology" rel="home"
class="footer-nist-logo"> <img
src="/site-media/images/nist/nist-logo.png"
alt="National Institute of Standards and Technology logo" />
</a>
</span>
</div>
</div>
<div class="row hidden-sm hidden-md hidden-lg">
<div class="col-sm-12">
<a href="https://www.nist.gov"
title="National Institute of Standards and Technology" rel="home"
target="_blank" rel="noopener noreferrer" class="footer-nist-logo"> <img
src="/site-media/images/nist/nist-logo.png"
alt="National Institute of Standards and Technology logo" />
</a>
</div>
</div>
<div class="row footer-contact-container">
<div class="col-sm-6">
<strong>HEADQUARTERS</strong>
<br>
100 Bureau Drive
<br>
Gaithersburg, MD 20899
<br>
<a href="tel:301-975-2000">(301) 975-2000</a>
<br>
<br>
<a href="mailto:nvd@nist.gov">Webmaster</a> | <a
href="https://www.nist.gov/about-nist/contact-us">Contact Us</a>
| <a href="https://www.nist.gov/about-nist/visit"
style="display: inline-block;">Our Other Offices</a>
</div>
<div class="col-sm-6">
<div class="pull-right"
style="text-align:right">
<strong>Incident Response Assistance and Non-NVD Related<br>Technical Cyber Security Questions:</strong>
<br>
US-CERT Security Operations Center
<br> Email: <a href="mailto:soc@us-cert.gov">soc@us-cert.gov</a>
<br> Phone: 1-888-282-0870
</div>
</div>
</div>
<div class="row">
<nav title="Footer Navigation" role="navigation"
class="row footer-bottom-links-container">
<!-- https://github.com/usnistgov/nist-header-footer/blob/nist-pages/boilerplate-footer.html -->
<p>
<a href="https://www.nist.gov/oism/site-privacy">Site Privacy</a>
|
<a href="https://www.nist.gov/oism/accessibility">Accessibility</a>
|
<a href="https://www.nist.gov/privacy">Privacy Program</a>
|
<a href="https://www.nist.gov/oism/copyrights">Copyrights</a>
|
<a href="https://www.commerce.gov/vulnerability-disclosure-policy">Vulnerability Disclosure</a>
|
<a href="https://www.nist.gov/no-fear-act-policy">No Fear Act Policy</a>
|
<a href="https://www.nist.gov/foia">FOIA</a>
|
<a href="https://www.nist.gov/environmental-policy-statement">Environmental Policy</a>
|
<a href="https://www.nist.gov/summary-report-scientific-integrity">Scientific Integrity</a>
|
<a href="https://www.nist.gov/nist-information-quality-standards">Information Quality Standards</a>
|
<a href="https://www.commerce.gov/">Commerce.gov</a>
|
<a href="https://www.science.gov/">Science.gov</a>
|
<a href="https://www.usa.gov/">USA.gov</a>
</p>
</nav>
</div>
</div>
</footer>
</body>
</html>
Reference in a new issue View git blame Copy permalink