{"id":18584,"date":"2024-03-23T05:35:59","date_gmt":"2024-03-23T10:35:59","guid":{"rendered":"https:\/\/rud.is\/b\/?p=18584"},"modified":"2024-03-23T05:36:00","modified_gmt":"2024-03-23T10:36:00","slug":"vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility","status":"publish","type":"post","link":"https:\/\/rud.is\/b\/2024\/03\/23\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\/","title":{"rendered":"VulnCheck’s Free Community KEV & CVE APIs (Code & Golang CLI Utility)"},"content":{"rendered":"

VulnCheck has some new, free API endpoints<\/a> for the cybersecurity community.<\/p>\n

Two extremely useful ones are for their extended version of CISA\u2019s KEV, and an in-situ replacement for NVD\u2019s sad excuse for an API and soon-to-be-removed JSON feeds.<\/p>\n

There are two ways to work with these APIs. One is retrieve a \u201cbackup\u201d of the entire dataset as a ZIP file, and the other is to use the API to retrieve individual CVEs from each \u201cindex\u201d.<\/p>\n

You\u2019ll need a free API key<\/a> from VulnCheck to use these APIs.<\/p>\n

All code shown makes the assumption that you\u2019ve stored your API key in an environment variable named VULNCHECK_API_KEY<\/code>.<\/p>\n

After the curl<\/code> examples, there’s a section on a small Golang CLI I made to make it easier to get combined extended KEV and NVDv2 CVE information in one CLI call for a given CVE.<\/p>\n

Backups<\/h2>\n

Retrieving the complete dataset is a multi-step process. First you make a call to the specific API endpoint for each index to backup. That returns some JSON with a temporary, AWS pre-signed URL (a method to grant temporary access to files stored in AWS S3) to download the ZIP file. Then you download the ZIP file, and finally you extract the contents of the ZIP file into a directory. The output is different for the NVDv2 and extended KEV indexes, but the core process is the same.<\/p>\n

NVDv2<\/h3>\n

Here\u2019s a curl<\/code> idiom for the NVDv2 index backup. The result is a directory of uncompressed JSON that\u2019s in the same format as the NVDv2 JSON feeds.<\/p>\n

# Grab the temporary AWS pre-signed URL for the NVDv2 index and then download the ZIP file.\ncurl \\\n  --silent \\\n  --output vcnvd2.zip --url \"$(\n    curl \\\n      --silent \\\n      --cookie \"token=${VULNCHECK_API_KEY}\" \\\n      --header 'Accept: application\/json' \\\n      --url \"https:\/\/api.vulncheck.com\/v3\/backup\/nist-nvd2\" | jq -r '.data[].url'\n    )\"\n\nrm -rf .\/nvd2\n\n# unzip it\nunzip -q -o -d .\/nvd2 vcnvd2.zip\n\n# uncompress the JSON files\nls .\/nvd2\/*gz | xargs gunzip\n\ntree .\/nvd2\n<\/code><\/pre>\n
.\/nvd2\n\u251c\u2500\u2500 nvdcve-2.0-000.json\n\u251c\u2500\u2500 nvdcve-2.0-001.json\n\u251c\u2500\u2500 nvdcve-2.0-002.json\n\u251c\u2500\u2500 nvdcve-2.0-003.json\n\u251c\u2500\u2500 nvdcve-2.0-004.json\n\u251c\u2500\u2500 nvdcve-2.0-005.json\n\u251c\u2500\u2500 nvdcve-2.0-006.json\n\u251c\u2500\u2500 nvdcve-2.0-007.json\n\u251c\u2500\u2500 nvdcve-2.0-008.json\n\u251c\u2500\u2500 nvdcve-2.0-009.json\n\u251c\u2500\u2500 nvdcve-2.0-010.json\n\u251c\u2500\u2500 nvdcve-2.0-011.json\n\u251c\u2500\u2500 nvdcve-2.0-012.json\n\u251c\u2500\u2500 nvdcve-2.0-013.json\n\u251c\u2500\u2500 nvdcve-2.0-014.json\n\u251c\u2500\u2500 nvdcve-2.0-015.json\n\u251c\u2500\u2500 nvdcve-2.0-016.json\n\u251c\u2500\u2500 nvdcve-2.0-017.json\n\u251c\u2500\u2500 nvdcve-2.0-018.json\n\u251c\u2500\u2500 nvdcve-2.0-019.json\n\u251c\u2500\u2500 nvdcve-2.0-020.json\n\u251c\u2500\u2500 nvdcve-2.0-021.json\n\u251c\u2500\u2500 nvdcve-2.0-022.json\n\u251c\u2500\u2500 nvdcve-2.0-023.json\n\u251c\u2500\u2500 nvdcve-2.0-024.json\n\u251c\u2500\u2500 nvdcve-2.0-025.json\n\u251c\u2500\u2500 nvdcve-2.0-026.json\n\u251c\u2500\u2500 nvdcve-2.0-027.json\n\u251c\u2500\u2500 nvdcve-2.0-028.json\n\u251c\u2500\u2500 nvdcve-2.0-029.json\n\u251c\u2500\u2500 nvdcve-2.0-030.json\n\u251c\u2500\u2500 nvdcve-2.0-031.json\n\u251c\u2500\u2500 nvdcve-2.0-032.json\n\u251c\u2500\u2500 nvdcve-2.0-033.json\n\u251c\u2500\u2500 nvdcve-2.0-034.json\n\u251c\u2500\u2500 nvdcve-2.0-035.json\n\u251c\u2500\u2500 nvdcve-2.0-036.json\n\u251c\u2500\u2500 nvdcve-2.0-037.json\n\u251c\u2500\u2500 nvdcve-2.0-038.json\n\u251c\u2500\u2500 nvdcve-2.0-039.json\n\u251c\u2500\u2500 nvdcve-2.0-040.json\n\u251c\u2500\u2500 nvdcve-2.0-041.json\n\u251c\u2500\u2500 nvdcve-2.0-042.json\n\u251c\u2500\u2500 nvdcve-2.0-043.json\n\u251c\u2500\u2500 nvdcve-2.0-044.json\n\u251c\u2500\u2500 nvdcve-2.0-045.json\n\u251c\u2500\u2500 nvdcve-2.0-046.json\n\u251c\u2500\u2500 nvdcve-2.0-047.json\n\u251c\u2500\u2500 nvdcve-2.0-048.json\n\u251c\u2500\u2500 nvdcve-2.0-049.json\n\u251c\u2500\u2500 nvdcve-2.0-050.json\n\u251c\u2500\u2500 nvdcve-2.0-051.json\n\u251c\u2500\u2500 nvdcve-2.0-052.json\n\u251c\u2500\u2500 nvdcve-2.0-053.json\n\u251c\u2500\u2500 nvdcve-2.0-054.json\n\u251c\u2500\u2500 nvdcve-2.0-055.json\n\u251c\u2500\u2500 nvdcve-2.0-056.json\n\u251c\u2500\u2500 nvdcve-2.0-057.json\n\u251c\u2500\u2500 nvdcve-2.0-058.json\n\u251c\u2500\u2500 nvdcve-2.0-059.json\n\u251c\u2500\u2500 nvdcve-2.0-060.json\n\u251c\u2500\u2500 nvdcve-2.0-061.json\n\u251c\u2500\u2500 nvdcve-2.0-062.json\n\u251c\u2500\u2500 nvdcve-2.0-063.json\n\u251c\u2500\u2500 nvdcve-2.0-064.json\n\u251c\u2500\u2500 nvdcve-2.0-065.json\n\u251c\u2500\u2500 nvdcve-2.0-066.json\n\u251c\u2500\u2500 nvdcve-2.0-067.json\n\u251c\u2500\u2500 nvdcve-2.0-068.json\n\u251c\u2500\u2500 nvdcve-2.0-069.json\n\u251c\u2500\u2500 nvdcve-2.0-070.json\n\u251c\u2500\u2500 nvdcve-2.0-071.json\n\u251c\u2500\u2500 nvdcve-2.0-072.json\n\u251c\u2500\u2500 nvdcve-2.0-073.json\n\u251c\u2500\u2500 nvdcve-2.0-074.json\n\u251c\u2500\u2500 nvdcve-2.0-075.json\n\u251c\u2500\u2500 nvdcve-2.0-076.json\n\u251c\u2500\u2500 nvdcve-2.0-077.json\n\u251c\u2500\u2500 nvdcve-2.0-078.json\n\u251c\u2500\u2500 nvdcve-2.0-079.json\n\u251c\u2500\u2500 nvdcve-2.0-080.json\n\u251c\u2500\u2500 nvdcve-2.0-081.json\n\u251c\u2500\u2500 nvdcve-2.0-082.json\n\u251c\u2500\u2500 nvdcve-2.0-083.json\n\u251c\u2500\u2500 nvdcve-2.0-084.json\n\u251c\u2500\u2500 nvdcve-2.0-085.json\n\u251c\u2500\u2500 nvdcve-2.0-086.json\n\u251c\u2500\u2500 nvdcve-2.0-087.json\n\u251c\u2500\u2500 nvdcve-2.0-088.json\n\u251c\u2500\u2500 nvdcve-2.0-089.json\n\u251c\u2500\u2500 nvdcve-2.0-090.json\n\u251c\u2500\u2500 nvdcve-2.0-091.json\n\u251c\u2500\u2500 nvdcve-2.0-092.json\n\u251c\u2500\u2500 nvdcve-2.0-093.json\n\u251c\u2500\u2500 nvdcve-2.0-094.json\n\u251c\u2500\u2500 nvdcve-2.0-095.json\n\u251c\u2500\u2500 nvdcve-2.0-096.json\n\u251c\u2500\u2500 nvdcve-2.0-097.json\n\u251c\u2500\u2500 nvdcve-2.0-098.json\n\u251c\u2500\u2500 nvdcve-2.0-099.json\n\u251c\u2500\u2500 nvdcve-2.0-100.json\n\u251c\u2500\u2500 nvdcve-2.0-101.json\n\u251c\u2500\u2500 nvdcve-2.0-102.json\n\u251c\u2500\u2500 nvdcve-2.0-103.json\n\u251c\u2500\u2500 nvdcve-2.0-104.json\n\u251c\u2500\u2500 nvdcve-2.0-105.json\n\u251c\u2500\u2500 nvdcve-2.0-106.json\n\u251c\u2500\u2500 nvdcve-2.0-107.json\n\u251c\u2500\u2500 nvdcve-2.0-108.json\n\u251c\u2500\u2500 nvdcve-2.0-109.json\n\u251c\u2500\u2500 nvdcve-2.0-110.json\n\u251c\u2500\u2500 nvdcve-2.0-111.json\n\u251c\u2500\u2500 nvdcve-2.0-112.json\n\u251c\u2500\u2500 nvdcve-2.0-113.json\n\u251c\u2500\u2500 nvdcve-2.0-114.json\n\u251c\u2500\u2500 nvdcve-2.0-115.json\n\u251c\u2500\u2500 nvdcve-2.0-116.json\n\u251c\u2500\u2500 nvdcve-2.0-117.json\n\u251c\u2500\u2500 nvdcve-2.0-118.json\n\u251c\u2500\u2500 nvdcve-2.0-119.json\n\u251c\u2500\u2500 nvdcve-2.0-120.json\n\u2514\u2500\u2500 nvdcve-2.0-121.json\n\n1 directory, 122 files\n<\/code><\/pre>\n
VulnCheck\u2019s Extended KEV<\/h3>\n
Here\u2019s a curl<\/code> idiom for the extended KEV index backup. The result is a directory with a single uncompressed JSON that\u2019s in an extended format of what\u2019s in the CISA KEV JSON.s<\/p>\n
# Grab the temporary AWS pre-signed URL for the NVDv2 index and then download the ZIP file.\ncurl \\\n  --silent \\\n  --output vckev.zip --url \"$(\n    curl \\\n      --silent \\\n      --cookie \"token=${VULNCHECK_API_KEY}\" \\\n      --header 'Accept: application\/json' \\\n      --url \"https:\/\/api.vulncheck.com\/v3\/backup\/vulncheck-kev\" | jq -r '.data[].url'\n    )\"\n\nrm -rf .\/vckev\n\n# unzip it\nunzip -q -o -d .\/vckev vckev.zip\n\ntree .\/vckev\n<\/code><\/pre>\n
.\/vckev\n\u2514\u2500\u2500 vulncheck_known_exploited_vulnerabilities.json\n\n1 directory, 1 file\n<\/code><\/pre>\n
Retrieving Information On Individual CVEs<\/h2>\n
While there are other, searchable fields for each index, the primary use case for most of us is getting information on individual CVEs. The API calls are virtually identical, apart from the selected index.<\/p>\n
NOTE: the examples pipe the output through jq<\/code> to make the API results easier to read.<\/p>\n
NVDv2<\/h3>\n
curl \\\n  --silent \\\n  --cookie \"token=${VULNCHECK_API_KEY}\" \\\n  --header 'Accept: application\/json' \\\n  --url \"https:\/\/api.vulncheck.com\/v3\/index\/nist-nvd2?cve=CVE-2024-23334\" | jq\n<\/code><\/pre>\n
{\n  \"_benchmark\": 0.056277,\n  \"_meta\": {\n    \"timestamp\": \"2024-03-23T08:47:17.940032202Z\",\n    \"index\": \"nist-nvd2\",\n    \"limit\": 100,\n    \"total_documents\": 1,\n    \"sort\": \"_id\",\n    \"parameters\": [\n      {\n        \"name\": \"cve\",\n        \"format\": \"CVE-YYYY-N{4-7}\"\n      },\n      {\n        \"name\": \"alias\"\n      },\n      {\n        \"name\": \"iava\",\n        \"format\": \"[0-9]{4}[A-Z-0-9]+\"\n      },\n      {\n        \"name\": \"threat_actor\"\n      },\n      {\n        \"name\": \"mitre_id\"\n      },\n      {\n        \"name\": \"misp_id\"\n      },\n      {\n        \"name\": \"ransomware\"\n      },\n      {\n        \"name\": \"botnet\"\n      },\n      {\n        \"name\": \"published\"\n      },\n      {\n        \"name\": \"lastModStartDate\",\n        \"format\": \"YYYY-MM-DD\"\n      },\n      {\n        \"name\": \"lastModEndDate\",\n        \"format\": \"YYYY-MM-DD\"\n      }\n    ],\n    \"order\": \"desc\",\n    \"page\": 1,\n    \"total_pages\": 1,\n    \"max_pages\": 6,\n    \"first_item\": 1,\n    \"last_item\": 1\n  },\n  \"data\": [\n    {\n      \"id\": \"CVE-2024-23334\",\n      \"sourceIdentifier\": \"security-advisories@github.com\",\n      \"vulnStatus\": \"Modified\",\n      \"published\": \"2024-01-29T23:15:08.563\",\n      \"lastModified\": \"2024-02-09T03:15:09.603\",\n      \"descriptions\": [\n        {\n          \"lang\": \"en\",\n          \"value\": \"aiohttp is an asynchronous HTTP client\/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to determine whether to follow symbolic links outside the static root directory. When 'follow_symlinks' is set to True, there is no validation to check if reading a file is within the root directory. This can lead to directory traversal vulnerabilities, resulting in unauthorized access to arbitrary files on the system, even when symlinks are not present.  Disabling follow_symlinks and using a reverse proxy are encouraged mitigations.  Version 3.9.2 fixes this issue.\"\n        },\n        {\n          \"lang\": \"es\",\n          \"value\": \"aiohttp es un framework cliente\/servidor HTTP as\u00edncrono para asyncio y Python. Cuando se utiliza aiohttp como servidor web y se configuran rutas est\u00e1ticas, es necesario especificar la ruta ra\u00edz para los archivos est\u00e1ticos. Adem\u00e1s, la opci\u00f3n 'follow_symlinks' se puede utilizar para determinar si se deben seguir enlaces simb\u00f3licos fuera del directorio ra\u00edz est\u00e1tico. Cuando 'follow_symlinks' se establece en Verdadero, no hay validaci\u00f3n para verificar si la lectura de un archivo est\u00e1 dentro del directorio ra\u00edz. Esto puede generar vulnerabilidades de directory traversal, lo que resulta en acceso no autorizado a archivos arbitrarios en el sistema, incluso cuando no hay enlaces simb\u00f3licos presentes. Se recomiendan como mitigaciones deshabilitar follow_symlinks y usar un proxy inverso. La versi\u00f3n 3.9.2 soluciona este problema.\"\n        }\n      ],\n      \"references\": [\n        {\n          \"url\": \"https:\/\/github.com\/aio-libs\/aiohttp\/commit\/1c335944d6a8b1298baf179b7c0b3069f10c514b\",\n          \"source\": \"security-advisories@github.com\",\n          \"tags\": [\n            \"Patch\"\n          ]\n        },\n        {\n          \"url\": \"https:\/\/github.com\/aio-libs\/aiohttp\/pull\/8079\",\n          \"source\": \"security-advisories@github.com\",\n          \"tags\": [\n            \"Patch\"\n          ]\n        },\n        {\n          \"url\": \"https:\/\/github.com\/aio-libs\/aiohttp\/security\/advisories\/GHSA-5h86-8mv2-jq9f\",\n          \"source\": \"security-advisories@github.com\",\n          \"tags\": [\n            \"Exploit\",\n            \"Mitigation\",\n            \"Vendor Advisory\"\n          ]\n        },\n        {\n          \"url\": \"https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/ICUOCFGTB25WUT336BZ4UNYLSZOUVKBD\/\",\n          \"source\": \"security-advisories@github.com\"\n        },\n        {\n          \"url\": \"https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/XXWVZIVAYWEBHNRIILZVB3R3SDQNNAA7\/\",\n          \"source\": \"security-advisories@github.com\",\n          \"tags\": [\n            \"Mailing List\"\n          ]\n        }\n      ],\n      \"metrics\": {\n        \"cvssMetricV31\": [\n          {\n            \"source\": \"nvd@nist.gov\",\n            \"type\": \"Primary\",\n            \"cvssData\": {\n              \"version\": \"3.1\",\n              \"vectorString\": \"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N\",\n              \"attackVector\": \"NETWORK\",\n              \"attackComplexity\": \"LOW\",\n              \"privilegesRequired\": \"NONE\",\n              \"userInteraction\": \"NONE\",\n              \"scope\": \"UNCHANGED\",\n              \"confidentialityImpact\": \"HIGH\",\n              \"integrityImpact\": \"NONE\",\n              \"availabilityImpact\": \"NONE\",\n              \"baseScore\": 7.5,\n              \"baseSeverity\": \"HIGH\"\n            },\n            \"exploitabilityScore\": 3.9,\n            \"impactScore\": 3.6\n          },\n          {\n            \"source\": \"security-advisories@github.com\",\n            \"type\": \"Secondary\",\n            \"cvssData\": {\n              \"version\": \"3.1\",\n              \"vectorString\": \"CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N\",\n              \"attackVector\": \"NETWORK\",\n              \"attackComplexity\": \"HIGH\",\n              \"privilegesRequired\": \"NONE\",\n              \"userInteraction\": \"NONE\",\n              \"scope\": \"UNCHANGED\",\n              \"confidentialityImpact\": \"HIGH\",\n              \"integrityImpact\": \"NONE\",\n              \"availabilityImpact\": \"NONE\",\n              \"baseScore\": 5.9,\n              \"baseSeverity\": \"MEDIUM\"\n            },\n            \"exploitabilityScore\": 2.2,\n            \"impactScore\": 3.6\n          }\n        ]\n      },\n      \"weaknesses\": [\n        {\n          \"source\": \"security-advisories@github.com\",\n          \"type\": \"Primary\",\n          \"description\": [\n            {\n              \"lang\": \"en\",\n              \"value\": \"CWE-22\"\n            }\n          ]\n        }\n      ],\n      \"configurations\": [\n        {\n          \"nodes\": [\n            {\n              \"operator\": \"OR\",\n              \"cpeMatch\": [\n                {\n                  \"vulnerable\": true,\n                  \"criteria\": \"cpe:2.3:a:aiohttp:aiohttp:*:*:*:*:*:*:*:*\",\n                  \"versionStartIncluding\": \"1.0.5\",\n                  \"versionEndExcluding\": \"3.9.2\",\n                  \"matchCriteriaId\": \"CC18B2A9-9D80-4A6E-94E7-8FC010D8FC70\"\n                }\n              ]\n            }\n          ]\n        },\n        {\n          \"nodes\": [\n            {\n              \"operator\": \"OR\",\n              \"cpeMatch\": [\n                {\n                  \"vulnerable\": true,\n                  \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*\",\n                  \"matchCriteriaId\": \"B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646\"\n                }\n              ]\n            }\n          ]\n        }\n      ],\n      \"_timestamp\": \"2024-02-09T05:33:33.170054Z\"\n    }\n  ]\n}\n<\/code><\/pre>\n
VulnCheck\u2019s Extended KEV<\/h3>\n
curl \\\n  --silent \\\n  --cookie \"token=${VULNCHECK_API_KEY}\" \\\n  --header 'Accept: application\/json' \\\n  --url \"https:\/\/api.vulncheck.com\/v3\/index\/vulncheck-kev?cve=CVE-2024-23334\" | jq\n<\/code><\/pre>\n
{\n  \"_benchmark\": 0.328855,\n  \"_meta\": {\n    \"timestamp\": \"2024-03-23T08:47:41.025967418Z\",\n    \"index\": \"vulncheck-kev\",\n    \"limit\": 100,\n    \"total_documents\": 1,\n    \"sort\": \"_id\",\n    \"parameters\": [\n      {\n        \"name\": \"cve\",\n        \"format\": \"CVE-YYYY-N{4-7}\"\n      },\n      {\n        \"name\": \"alias\"\n      },\n      {\n        \"name\": \"iava\",\n        \"format\": \"[0-9]{4}[A-Z-0-9]+\"\n      },\n      {\n        \"name\": \"threat_actor\"\n      },\n      {\n        \"name\": \"mitre_id\"\n      },\n      {\n        \"name\": \"misp_id\"\n      },\n      {\n        \"name\": \"ransomware\"\n      },\n      {\n        \"name\": \"botnet\"\n      },\n      {\n        \"name\": \"published\"\n      },\n      {\n        \"name\": \"lastModStartDate\",\n        \"format\": \"YYYY-MM-DD\"\n      },\n      {\n        \"name\": \"lastModEndDate\",\n        \"format\": \"YYYY-MM-DD\"\n      },\n      {\n        \"name\": \"pubStartDate\",\n        \"format\": \"YYYY-MM-DD\"\n      },\n      {\n        \"name\": \"pubEndDate\",\n        \"format\": \"YYYY-MM-DD\"\n      }\n    ],\n    \"order\": \"desc\",\n    \"page\": 1,\n    \"total_pages\": 1,\n    \"max_pages\": 6,\n    \"first_item\": 1,\n    \"last_item\": 1\n  },\n  \"data\": [\n    {\n      \"vendorProject\": \"aiohttp\",\n      \"product\": \"aiohttp\",\n      \"shortDescription\": \"aiohttp is an asynchronous HTTP client\/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to determine whether to follow symbolic links outside the static root directory. When 'follow_symlinks' is set to True, there is no validation to check if reading a file is within the root directory. This can lead to directory traversal vulnerabilities, resulting in unauthorized access to arbitrary files on the system, even when symlinks are not present.  Disabling follow_symlinks and using a reverse proxy are encouraged mitigations.  Version 3.9.2 fixes this issue.\",\n      \"vulnerabilityName\": \"aiohttp aiohttp Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')\",\n      \"required_action\": \"Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.\",\n      \"knownRansomwareCampaignUse\": \"Known\",\n      \"cve\": [\n        \"CVE-2024-23334\"\n      ],\n      \"vulncheck_xdb\": [\n        {\n          \"xdb_id\": \"231b48941355\",\n          \"xdb_url\": \"https:\/\/vulncheck.com\/xdb\/231b48941355\",\n          \"date_added\": \"2024-02-28T22:30:21Z\",\n          \"exploit_type\": \"infoleak\",\n          \"clone_ssh_url\": \"git@github.com:ox1111\/CVE-2024-23334.git\"\n        },\n        {\n          \"xdb_id\": \"f1d001911304\",\n          \"xdb_url\": \"https:\/\/vulncheck.com\/xdb\/f1d001911304\",\n          \"date_added\": \"2024-03-19T16:28:56Z\",\n          \"exploit_type\": \"infoleak\",\n          \"clone_ssh_url\": \"git@github.com:jhonnybonny\/CVE-2024-23334.git\"\n        }\n      ],\n      \"vulncheck_reported_exploitation\": [\n        {\n          \"url\": \"https:\/\/cyble.com\/blog\/cgsi-probes-shadowsyndicate-groups-possible-exploitation-of-aiohttp-vulnerability-cve-2024-23334\/\",\n          \"date_added\": \"2024-03-15T00:00:00Z\"\n        }\n      ],\n      \"date_added\": \"2024-03-15T00:00:00Z\",\n      \"_timestamp\": \"2024-03-23T08:27:47.861266Z\"\n    }\n  ]\n}\n<\/code><\/pre>\n
vccve<\/h2>\n
There’s a project on Codeberg<\/a> that has code and binaries for macOS, Linux, and Windows for a small CLI that gets you combined extended KEV and NVDv2 information all in one call.<\/p>\n
The project README has examples and installation instructions.<\/p>\n","protected":false},"excerpt":{"rendered":"
VulnCheck has some new, free API endpoints for the cybersecurity community. Two extremely useful ones are for their extended version of CISA\u2019s KEV, and an in-situ replacement for NVD\u2019s sad excuse for an API and soon-to-be-removed JSON feeds. There are two ways to work with these APIs. One is retrieve a \u201cbackup\u201d of the entire […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"activitypub_content_warning":"","activitypub_content_visibility":"","activitypub_max_image_attachments":3,"activitypub_interaction_policy_quote":"anyone","activitypub_status":"federated","footnotes":""},"categories":[760,681,26],"tags":[],"class_list":["post-18584","post","type-post","status-publish","format-standard","hentry","category-apis","category-cybersecurity","category-vulnerabilities"],"yoast_head":"\nVulnCheck's Free Community KEV & CVE APIs (Code & Golang CLI Utility) - rud.is<\/title>\n<meta name=\"description\" content=\"Learn how to work with VulnCheck's new community KEV+NVD CVE APIs in curl & Go, & checkout a new, small CLI tool to get both simultaneously.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/rud.is\/b\/2024\/03\/23\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"VulnCheck's Free Community KEV & CVE APIs (Code & Golang CLI Utility) - rud.is\" \/>\n<meta property=\"og:description\" content=\"Learn how to work with VulnCheck's new community KEV+NVD CVE APIs in curl & Go, & checkout a new, small CLI tool to get both simultaneously.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/rud.is\/b\/2024\/03\/23\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\/\" \/>\n<meta property=\"og:site_name\" content=\"rud.is\" \/>\n<meta property=\"article:published_time\" content=\"2024-03-23T10:35:59+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-03-23T10:36:00+00:00\" \/>\n<meta name=\"author\" content=\"hrbrmstr\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"hrbrmstr\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/2024\\\/03\\\/23\\\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/2024\\\/03\\\/23\\\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\\\/\"},\"author\":{\"name\":\"hrbrmstr\",\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/#\\\/schema\\\/person\\\/d7cb7487ab0527447f7fda5c423ff886\"},\"headline\":\"VulnCheck’s Free Community KEV & CVE APIs (Code & Golang CLI Utility)\",\"datePublished\":\"2024-03-23T10:35:59+00:00\",\"dateModified\":\"2024-03-23T10:36:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/2024\\\/03\\\/23\\\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\\\/\"},\"wordCount\":411,\"commentCount\":4,\"publisher\":{\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/#\\\/schema\\\/person\\\/d7cb7487ab0527447f7fda5c423ff886\"},\"articleSection\":[\"APIs\",\"Cybersecurity\",\"Vulnerabilities\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/rud.is\\\/b\\\/2024\\\/03\\\/23\\\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/2024\\\/03\\\/23\\\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\\\/\",\"url\":\"https:\\\/\\\/rud.is\\\/b\\\/2024\\\/03\\\/23\\\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\\\/\",\"name\":\"VulnCheck's Free Community KEV & CVE APIs (Code & Golang CLI Utility) - rud.is\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/#website\"},\"datePublished\":\"2024-03-23T10:35:59+00:00\",\"dateModified\":\"2024-03-23T10:36:00+00:00\",\"description\":\"Learn how to work with VulnCheck's new community KEV+NVD CVE APIs in curl & Go, & checkout a new, small CLI tool to get both simultaneously.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/2024\\\/03\\\/23\\\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/rud.is\\\/b\\\/2024\\\/03\\\/23\\\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/2024\\\/03\\\/23\\\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/rud.is\\\/b\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"VulnCheck’s Free Community KEV & CVE APIs (Code & Golang CLI Utility)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/#website\",\"url\":\"https:\\\/\\\/rud.is\\\/b\\\/\",\"name\":\"rud.is\",\"description\":\""In God we trust. All others must bring data"\",\"publisher\":{\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/#\\\/schema\\\/person\\\/d7cb7487ab0527447f7fda5c423ff886\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/rud.is\\\/b\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/#\\\/schema\\\/person\\\/d7cb7487ab0527447f7fda5c423ff886\",\"name\":\"hrbrmstr\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/i0.wp.com\\\/rud.is\\\/b\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/ukr-shield.png?fit=460%2C460&ssl=1\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/rud.is\\\/b\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/ukr-shield.png?fit=460%2C460&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/rud.is\\\/b\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/ukr-shield.png?fit=460%2C460&ssl=1\",\"width\":460,\"height\":460,\"caption\":\"hrbrmstr\"},\"logo\":{\"@id\":\"https:\\\/\\\/i0.wp.com\\\/rud.is\\\/b\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/ukr-shield.png?fit=460%2C460&ssl=1\"},\"description\":\"Don't look at me\u2026I do what he does \u2014 just slower. #rstats avuncular \u2022 ?Resistance Fighter \u2022 Cook \u2022 Christian \u2022 [Master] Chef des Donn\u00e9es de S\u00e9curit\u00e9 @ @rapid7\",\"sameAs\":[\"http:\\\/\\\/rud.is\"],\"url\":\"https:\\\/\\\/rud.is\\\/b\\\/author\\\/hrbrmstr\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"VulnCheck's Free Community KEV & CVE APIs (Code & Golang CLI Utility) - rud.is","description":"Learn how to work with VulnCheck's new community KEV+NVD CVE APIs in curl & Go, & checkout a new, small CLI tool to get both simultaneously.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/rud.is\/b\/2024\/03\/23\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\/","og_locale":"en_US","og_type":"article","og_title":"VulnCheck's Free Community KEV & CVE APIs (Code & Golang CLI Utility) - rud.is","og_description":"Learn how to work with VulnCheck's new community KEV+NVD CVE APIs in curl & Go, & checkout a new, small CLI tool to get both simultaneously.","og_url":"https:\/\/rud.is\/b\/2024\/03\/23\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\/","og_site_name":"rud.is","article_published_time":"2024-03-23T10:35:59+00:00","article_modified_time":"2024-03-23T10:36:00+00:00","author":"hrbrmstr","twitter_card":"summary_large_image","twitter_misc":{"Written by":"hrbrmstr"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/rud.is\/b\/2024\/03\/23\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\/#article","isPartOf":{"@id":"https:\/\/rud.is\/b\/2024\/03\/23\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\/"},"author":{"name":"hrbrmstr","@id":"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886"},"headline":"VulnCheck’s Free Community KEV & CVE APIs (Code & Golang CLI Utility)","datePublished":"2024-03-23T10:35:59+00:00","dateModified":"2024-03-23T10:36:00+00:00","mainEntityOfPage":{"@id":"https:\/\/rud.is\/b\/2024\/03\/23\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\/"},"wordCount":411,"commentCount":4,"publisher":{"@id":"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886"},"articleSection":["APIs","Cybersecurity","Vulnerabilities"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/rud.is\/b\/2024\/03\/23\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/rud.is\/b\/2024\/03\/23\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\/","url":"https:\/\/rud.is\/b\/2024\/03\/23\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\/","name":"VulnCheck's Free Community KEV & CVE APIs (Code & Golang CLI Utility) - rud.is","isPartOf":{"@id":"https:\/\/rud.is\/b\/#website"},"datePublished":"2024-03-23T10:35:59+00:00","dateModified":"2024-03-23T10:36:00+00:00","description":"Learn how to work with VulnCheck's new community KEV+NVD CVE APIs in curl & Go, & checkout a new, small CLI tool to get both simultaneously.","breadcrumb":{"@id":"https:\/\/rud.is\/b\/2024\/03\/23\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/rud.is\/b\/2024\/03\/23\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/rud.is\/b\/2024\/03\/23\/vulnchecks-free-community-kev-cve-apis-code-golang-cli-utility\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/rud.is\/b\/"},{"@type":"ListItem","position":2,"name":"VulnCheck’s Free Community KEV & CVE APIs (Code & Golang CLI Utility)"}]},{"@type":"WebSite","@id":"https:\/\/rud.is\/b\/#website","url":"https:\/\/rud.is\/b\/","name":"rud.is","description":""In God we trust. All others must bring data"","publisher":{"@id":"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/rud.is\/b\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886","name":"hrbrmstr","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1","url":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1","contentUrl":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1","width":460,"height":460,"caption":"hrbrmstr"},"logo":{"@id":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1"},"description":"Don't look at me\u2026I do what he does \u2014 just slower. #rstats avuncular \u2022 ?Resistance Fighter \u2022 Cook \u2022 Christian \u2022 [Master] Chef des Donn\u00e9es de S\u00e9curit\u00e9 @ @rapid7","sameAs":["http:\/\/rud.is"],"url":"https:\/\/rud.is\/b\/author\/hrbrmstr\/"}]}},"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p23idr-4PK","jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":25391,"url":"https:\/\/rud.is\/b\/2025\/05\/14\/euvd-api-npm-and-go-packages-nicer-docs\/","url_meta":{"origin":18584,"position":0},"title":"EUVD API NPM And Go Packages + Nicer Docs","author":"hrbrmstr","date":"2025-05-14","format":false,"excerpt":"ENISA published docs for their European Vulnerability Database (EUVD) \u2014 https:\/\/euvd.enisa.europa.eu\/apidoc. I've got an easier-on-the-eyes version that supports light\/dark mode and includes sample API JSON results at https:\/\/rud.is\/euvd-api\/. The Quarto markdown source for it can be found at https:\/\/rud.is\/euvd-api\/euvd-api.qmd. I need to make an MCP (Model Context Protocol) server for\u2026","rel":"","context":"In "Cybersecurity"","block_context":{"text":"Cybersecurity","link":"https:\/\/rud.is\/b\/category\/cybersecurity\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":13498,"url":"https:\/\/rud.is\/b\/2022\/07\/10\/rust-cli-for-apples-weatherkit-rest-api\/","url_meta":{"origin":18584,"position":1},"title":"Rust CLI For Apple’s WeatherKit REST API","author":"hrbrmstr","date":"2022-07-10","format":false,"excerpt":"Apple is in the final stages of shuttering the DarkSky service\/API. They've replaced it with WeatherKit, which has both an xOS framework version as well as a REST API. To use either, you need to be a member of the Apple Developer Program (ADP) \u2014 $99.00\/USD per-year \u2014 and calls\u2026","rel":"","context":"In "Apple"","block_context":{"text":"Apple","link":"https:\/\/rud.is\/b\/category\/apple\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7020,"url":"https:\/\/rud.is\/b\/2017\/11\/06\/taking-a-shot-at-cdcfluview-v0-7-0-a-k-a-the-dangers-of-relying-on-hidden-apis\/","url_meta":{"origin":18584,"position":2},"title":"Taking a Shot at cdcfluview v0.7.0 (a.k.a. The Dangers of Relying on ‘Hidden’ APIs)","author":"hrbrmstr","date":"2017-11-06","format":false,"excerpt":"Unlike @noamross, I am not an epidemiologist (NOTE: Noam battles pandemics before breakfast, so be super nice to him) but I do like to find kindred methodologies in other disciplines to help foster the growth of cybersecurity into something beyond it's current Barnum & Bailey state. I also love finding\u2026","rel":"","context":"In "R"","block_context":{"text":"R","link":"https:\/\/rud.is\/b\/category\/r\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2017\/11\/unnamed-chunk-5-4.png?fit=672%2C480&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2017\/11\/unnamed-chunk-5-4.png?fit=672%2C480&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2017\/11\/unnamed-chunk-5-4.png?fit=672%2C480&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":25216,"url":"https:\/\/rud.is\/b\/2025\/05\/02\/new-cisa-kev-mcp-server\/","url_meta":{"origin":18584,"position":3},"title":"New CISA KEV MCP Server","author":"hrbrmstr","date":"2025-05-02","format":false,"excerpt":"MCP servers let you wire up external services\/APIs in a standard way for LLM\/GPT tool-calling and other forms of automation. I made a basic, but fairly comprehensive CISA KEV MCP server that I go into the details a bit more of here. To test it, I hammered out some questions\u2026","rel":"","context":"In "AI"","block_context":{"text":"AI","link":"https:\/\/rud.is\/b\/category\/ai\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":25048,"url":"https:\/\/rud.is\/b\/2025\/04\/27\/new-geolocus-cli-for-onyphes-geolocus-database\/","url_meta":{"origin":18584,"position":4},"title":"New geolocus-cli For ONYPHE’s Geolocus Database","author":"hrbrmstr","date":"2025-04-27","format":false,"excerpt":"ONYPHE has made available a free API and free MMDB download of their new Geolocus database. It provided IP address metadata in the form of: { \"abuse\": [ \"amzn-noc-contact@amazon.com\", \"aws-routing-poc@amazon.com\", \"aws-rpki-routing-poc@amazon.com\", \"trustandsafety@support.aws.com\" ], \"asn\": \"AS14618\", \"continent\": \"NA\", \"continentname\": \"North America\", \"country\": \"US\", \"countryname\": \"United States\", \"domain\": [ \"amazon.com\", \"amazonaws.com\", \"aws.com\"\u2026","rel":"","context":"In "Cybersecurity"","block_context":{"text":"Cybersecurity","link":"https:\/\/rud.is\/b\/category\/cybersecurity\/"},"img":{"alt_text":"compass on map","src":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2025\/04\/getty-images-95WsGwmiZk4-unsplash-1.jpg?fit=512%2C419&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":24853,"url":"https:\/\/rud.is\/b\/2025\/04\/16\/american-cyber-sigh\/","url_meta":{"origin":18584,"position":5},"title":"American [Cyber] Sigh","author":"hrbrmstr","date":"2025-04-16","format":false,"excerpt":"A long, long time ago I can still remember How those CVEs would make me smile And I knew if I had my chance To patch a vuln or take a stance Maybe we\u2019d be secure for a while But April ides made me shiver With each leaked memo and\u2026","rel":"","context":"In "Cybersecurity"","block_context":{"text":"Cybersecurity","link":"https:\/\/rud.is\/b\/category\/cybersecurity\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/posts\/18584","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/comments?post=18584"}],"version-history":[{"count":0,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/posts\/18584\/revisions"}],"wp:attachment":[{"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/media?parent=18584"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/categories?post=18584"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/tags?post=18584"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}