# What's New in API v1.4 # Background CVSS 3.0 introduced the **Critical** severity label for vulnerabilities with a score of 9.0 or higher: - **Low**: 0.1–3.9 - **Medium**: 4.0–6.9 - **High**: 7.0–8.9 - **Critical**: 9.0–10.0 Previously, Mend displayed both **High** and **Critical** as just **High**, requiring customers to implement custom automation to distinguish between the two. # Release Schedule - **From Jan 2, 2023**: Users of the Unified Agent and UI will see the **Critical** label. No need to rerun a scan. It is also visible in repository integrations like: - GitHub.com - GitHub Enterprise - BitBucket Server - BitBucket Cloud - Azure DevOps - GitLab - **By Jan 31, 2023**: Users of IDEs, Azure DevOps pipelines, and Jira integrations will also see these changes. # API Updates To maintain backward compatibility, Mend introduces a new API version, **v1.4**, allowing you to adopt the **Critical** label when ready. API endpoint: `https:///api/v1.4` Where `` corresponds to your Mend server. For example, the response to Get Project Alerts when the CVSS3 score higher than nine: | | | | --- | --- | | Sample from [API v1.3](https://saas.whitesourcesoftware.com/api/v1.3) | Sample from [API v1.4](https://saas.whitesourcesoftware.com/api/v1.4) | | `{`  `"requestType" : "getProjectAlerts",`  `"userKey": "user_key",`  `"projectToken" : "project_token"``}` | `{`  `"requestType" : "getProjectAlerts",`  `"userKey": "user_key",`  `"projectToken" : "project_token"``}` | | `{`  `"vulnerability": {`    `"name": "CVE-2021-44228",`    `"type": "CVE",`    `"severity": "high",`    `"score": 9.3,`    `"cvss3_severity": "high",`    `"cvss3_score": 10.0,`    `"scoreMetadataVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",`    `"publishDate": "2021-12-10",`    `"lastUpdated": "2022-12-09",`    `"url": "https://www.mend.io/vulnerability-database/CVE-2021-44228",` | `{`  `"vulnerability": {`    `"name": "CVE-2021-44228",`    `"type": "CVE",`    `"severity": "high",`    `"score": 9.3,`    `"cvss3_severity":` **"critical"**`,`    `"cvss3_score": 10.0,`    `"scoreMetadataVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",`    `"publishDate": "2021-12-10",`    `"lastUpdated": "2022-12-09",`    `"url": "https://www.mend.io/vulnerability-database/CVE-2021-44228",` | # Benefits of Displaying **Critical** Vulnerabilities Identifying **Critical** vulnerabilities allows you to: - Prioritize and address the most severe vulnerabilities faster. - Improve overall security posture. - Create new policies to handle **Critical** vulnerabilities specifically.