# Get Vulnerable Libraries By CVE Returns all of the vulnerable libraries in an organization ordered by their associated CVE-ID Endpoint: GET /api/v2.0/orgs/{orgToken}/vulnerabilities/{vulnerabilityName}/libraries Version: 2.0 Security: bearer-key ## Path parameters: - `orgToken` (string, required) org UUID (by running Entities - Organization > Get User Organizations) or API Key (from the Mend SCA App: Integrate tab > API Key). - `vulnerabilityName` (string, required) Vulnerability Name in the form of CVE-xxxx-xxx or WS-xxxx-xxx. ## Response 200 fields (application/json): - `supportToken` (string) Example: "1171c60d" - `retVal` (array) - `retVal.uuid` (string) Example: "123e4567-e89b-12d3-a456-426655440000" - `retVal.name` (string) Example: "dbus-1.10.24-13.el7_6.x86_64.rpm" - `retVal.artifactId` (string) Example: "kind-of-6.0.2.tgz" - `retVal.groupId` (string) Example: "kind-of" - `retVal.version` (string) - `retVal.architecture` (string) - `retVal.languageVersion` (string) - `retVal.classifier` (string) - `retVal.extension` (string) - `retVal.sha1` (string) Example: "01146b36a6218e64e58f3a8d66de5d7fc6f6d051" - `retVal.description` (string) Example: "Get the native type of a value." - `retVal.type` (string) Example: "javascript/Node.js" - `retVal.libraryType` (string) - `retVal.directDependency` (boolean) - `retVal.purl` (string) Example: "pkg:maven/commons-beanutils/commons-beanutils@1.8.0?type=jar" - `retVal.extraInfo` (object) - `retVal.extraInformation` (object) - `retVal.extraInformation.distributionUrl` (string) - `retVal.extraInformation.downloadUrl` (string) - `retVal.extraInformation.releaseDate` (string) - `retVal.extraInformation.packageManagerRepository` (string) - `retVal.extraInformation.homePage` (string) - `retVal.extraInformation.repositoryUrl` (string) - `retVal.extraInformation.author` (string) - `retVal.securityRisks` (array) - `retVal.securityRisks.sourceUrl` (string) - `retVal.securityRisks.riskFactor` (string) Enum: "NO_FINDINGS", "UNCONFIRMED_UNSAFE", "CONFIRMED_UNSAFE", "KNOWN_FALSE_POSITIVE" - `retVal.noticeReference` (object) - `retVal.noticeReference.text` (string, required) Example: "Developed internally" - `retVal.noticeReference.reference` (string) Example: "https://github.com/..." - `retVal.proprietaryInfo` (object) - `retVal.proprietaryInfo.ruleDescription` (string) - `retVal.proprietaryInfo.rulePattern` (string) - `retVal.proprietaryInfo.comment` (string) - `retVal.proprietaryInfo.userInfo` (object) - `retVal.proprietaryInfo.userInfo.uuid` (string, required) Example: "123e4567-e89b-12d3-a456-426655440000" - `retVal.proprietaryInfo.userInfo.name` (string) Example: "Jon Smith" - `retVal.proprietaryInfo.userInfo.email` (string) Example: "jon.smith@mail.com" - `retVal.proprietaryInfo.userInfo.userType` (string) Enum: "REGULAR", "SERVICE", "SCAN_SUMMARY_RECEIVER" - `retVal.proprietaryInfo.userInfo.accountStatus` (string) Enum: "ACTIVE", "INACTIVE", "LOCKOUT" - `retVal.proprietaryInfo.proprietaryMarkType` (string) Enum: "BY_RULE", "BY_USER" - `retVal.locations` (array) - `retVal.locations.localPath` (string) Example: "C:\\\\Users\\\\user\\\\.m2\\\\repository\\\\commons-io-1.4.jar" - `retVal.locations.dependencyFile` (string) Example: "C:\\\\GitHubRepos\\\\Pipline\\\\EUA\\\\plugins-automation\\\\fsa\\\\tests\\\\EUA\\\\Java\\\\bigProjectsMaven\\\\WST_417\\\\Data\\\\ksa\\\\ksa-web-core\\\\pom.xml" - `retVal.attributionReportSettings` (object) - `retVal.attributionReportSettings.excluded` (boolean) - `retVal.dependencyType` (string) - `retVal.violations` (integer) Example: 22 - `retVal.workflowUuids` (array) Example: 2 - `retVal.violatingFindings` (integer) Example: 2 - `retVal.trackedIssue` (object) - `retVal.trackedIssue.uuid` (string) - `retVal.trackedIssue.issueId` (string) - `retVal.trackedIssue.origin` (string) - `retVal.trackedIssue.issueKey` (string) - `retVal.trackedIssue.account` (object) - `retVal.trackedIssue.account.uuid` (string) - `retVal.trackedIssue.account.name` (string) - `retVal.trackedIssue.domain` (object) - `retVal.trackedIssue.application` (object) - `retVal.trackedIssue.project` (object) - `retVal.trackedIssue.status` (string) Enum: "PENDING", "IN_PROGRESS", "SUCCESS", "FAILED", "DELETED" - `retVal.trackedIssue.issueStatus` (string) - `retVal.trackedIssue.failureReason` (string) - `retVal.trackedIssue.errorMessage` (string) - `retVal.trackedIssue.publicLink` (string) - `retVal.trackedIssue.creationDate` (string) - `retVal.trackedIssue.updatedAt` (string) - `retVal.trackedIssue.createdBy` (object) - `retVal.trackedIssue.ticketType` (string) Enum: "SECURITY", "LEGAL" ## Response 400 fields (*/*): - `supportToken` (string) Example: "1171c60d"