Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provide an API to get the CVRF for a single CVE (previously worked in old portal site) #94

Open
UberMeatShield opened this issue Apr 13, 2021 · 0 comments
Open

Provide an API to get the CVRF for a single CVE (previously worked in old portal site) #94

UberMeatShield opened this issue Apr 13, 2021 · 0 comments
Assignees
@vishparekh
Labels
bug

Comments

@UberMeatShield
Copy link

UberMeatShield commented Apr 13, 2021
edited
Loading

The old endpoints around the portal api used to provide a nice clean lookup by CVE:
https://portal.msrc.microsoft.com/api/security-guidance/en-us/CVE/

Response: CVRF response in json or xml based on the headers used for the request.
ie: {"Content-Type": "application/json"} would get you back json content

Now the process is really awkward as you have to do something like:
GET https://api.msrc.microsoft.com/cvrf/v2.0/Updates('CVE-2021-28311')

  • Given a list of updates, find the latest date based response id: "2021-Mar"

GET https://api.msrc.microsoft.com/cvrf/v2.0/cvrf/2021-Apr

  • Parse through that full cvrf file and look for your CVE you want information on

In addition the Updates API doesn't seem to show the latest Update date with the CVE either? CVE-2021-28311 is updated in 2021-Apr but the API response has a last date of March :(
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@vishparekh vishparekh

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@UberMeatShield @vishparekh @msft-tsharp