CVE Scanner

Security

Scan and identify Common Vulnerabilities and Exposures (CVEs) in software components and dependencies.

Install

```bash
openclaw skills install cve-scanner
```

# Overview

The CVE Scanner is a security-focused API that enables developers, security teams, and DevOps professionals to rapidly identify and assess Common Vulnerabilities and Exposures (CVEs) affecting their software supply chain. By submitting package names, versions, or vulnerability identifiers, users receive comprehensive CVE data including severity ratings, affected versions, and remediation guidance.

This tool integrates seamlessly into CI/CD pipelines, vulnerability management workflows, and security audits. It leverages authoritative CVE databases to deliver accurate, up-to-date intelligence on software vulnerabilities, helping organizations prioritize patching efforts and reduce risk exposure.

Ideal users include security engineers, application developers, DevOps teams, and compliance officers who need rapid, reliable CVE lookup capabilities integrated into automated security workflows.

## Usage

### Sample Request

```json
{
  "query": "log4j 2.14.1"
}
```

### Sample Response

```json
{
  "vulnerabilities": [
    {
      "cve_id": "CVE-2021-44228",
      "title": "Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
      "severity": "CRITICAL",
      "cvss_score": 10.0,
      "affected_versions": [
        "2.0-beta9 through 2.15.0"
      ],
      "description": "Apache Log4j2 versions less than 2.16.0 are vulnerable to remote code execution via JNDI injection.",
      "published_date": "2021-12-10",
      "updated_date": "2024-01-15",
      "remediation": "Upgrade to Log4j 2.16.0 or later"
    }
  ],
  "query_timestamp": "2024-01-20T14:32:15Z",
  "total_vulnerabilities_found": 1
}
```

## Endpoints

### POST /scan-cve

Scan for Common Vulnerabilities and Exposures matching a given query string.

Method: POST
Path: /scan-cve

Request Parameters:

| Name | Type | Required | Description |
|------|------|----------|-------------|
| query | string | Yes | The search query for CVE scanning. Can be a package name, version string, CVE identifier (e.g., "CVE-2021-44228"), or component name. |

Request Body (application/json):

```json
{
  "query": "string"
}
```

Response (200 - Success):

Returns a JSON object containing matched CVE records with vulnerability details, severity information, affected versions, and recommended remediation steps.

Response (422 - Validation Error):

Returns validation error details when the request schema is invalid or required fields are missing.

```json
{
  "detail": [
    {
      "loc": ["body", "query"],
      "msg": "field required",
      "type": "value_error.missing"
    }
  ]
}
```
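A CI gate over the two response shapes documented above, as an added example (not code from the CVE Scanner project). The function name `evaluate_scan`, the `fail_at` threshold, and the severity labels other than `CRITICAL` are assumptions; the sample bodies are constructed from the page's examples so the block runs offline.

```python
import json

# CVSS qualitative labels; the page's sample shows only "CRITICAL", the rest are assumed.
SEVERITY_RANK = {"LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}

# Constructed sample bodies, trimmed from the page's 200 and 422 examples.
SAMPLE_OK = json.dumps({
    "vulnerabilities": [{
        "cve_id": "CVE-2021-44228",
        "severity": "CRITICAL",
        "cvss_score": 10.0,
        "remediation": "Upgrade to Log4j 2.16.0 or later",
    }],
    "total_vulnerabilities_found": 1,
})
SAMPLE_422 = json.dumps({"detail": [
    {"loc": ["body", "query"], "msg": "field required", "type": "value_error.missing"},
]})


def evaluate_scan(status_code, body, fail_at="HIGH"):
    """Return (passed, reasons) for one /scan-cve response; fails closed."""
    try:
        data = json.loads(body)
    except ValueError:
        return False, ["response body is not valid JSON"]
    if not isinstance(data, dict):
        return False, ["response body is not a JSON object"]
    if status_code == 422:
        errs = [f"{'.'.join(map(str, d.get('loc', [])))}: {d.get('msg')}"
                for d in data.get("detail", [])]
        return False, ["request rejected: " + "; ".join(errs)]
    if status_code != 200:
        return False, [f"unexpected HTTP status {status_code}"]
    vulns = data.get("vulnerabilities")
    if not isinstance(vulns, list):
        return False, ["missing 'vulnerabilities' list"]
    if data.get("total_vulnerabilities_found") != len(vulns):
        return False, ["total_vulnerabilities_found does not match list length"]
    reasons = []
    for v in vulns:
        rank = SEVERITY_RANK.get(str(v.get("severity", "")).upper())
        if rank is None:  # unrecognised label: block rather than silently pass
            reasons.append(f"{v.get('cve_id')}: unknown severity, treated as blocking")
        elif rank >= SEVERITY_RANK[fail_at]:
            reasons.append(f"{v.get('cve_id')}: {v['severity']} "
                           f"(CVSS {v.get('cvss_score')}); fix: {v.get('remediation')}")
    return not reasons, reasons
```

A validation error, a malformed body, or a count mismatch fails the gate, so a broken scan is never read as "no vulnerabilities found".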

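## Pricing

| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |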

## About

ToolWeb.in — 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.

## References

  • Kong Route: https://api.mkkpro.com/security/cve-scanner
  • API Docs: https://api.mkkpro.com:8010/docs