Get vulnerability information for a single software component.
Analyzes the component and returns known vulnerabilities including CVE details, severity scores, publication dates, and other security metadata. Vulnerability data is sourced from various security databases and feeds.
Query Parameters
Package URL identifying the component to analyze.
Version constraint for component resolution when PURL lacks explicit version.
Response
A successful response.
Success example. For error cases, the component block reports the processing status via info_message and info_code. Example: {"component":{"purl":"pkg:github/unknown/component","requirement":"","version":"","vulnerabilities":[],"info_message":"Component not found in database","info_code":"COMPONENT_NOT_FOUND"},"status":{"status":"SUCCESS","message":"Request processed"}}