GET Web Application Security Evidence: Components with Known Vulnerabilities – Bitsight Knowledge Base

https://api.bitsighttech.com/ratings/v1/companies/company_guid/findings?risk_vector=web_appsec

Get components (javascript libraries) with known vulnerabilities evidence [details.assessment_name = javascript_library_vulnerabilities].

For details specific to Web Application Security, use the ?risk_vector=web_appsec parameter. Other query parameters are listed in GET: Finding Details.

Example Response

{
  "library":"jquery-ui",
  "version":"1.12.1",
  "cves":[
    {
      "cveId":"CVE-2021-41182"
    },
    […]
  ],
  ⊕ See additional evidences
}

Response Attributes

Field			Description
`library` String			The Javascript library.
`version` String			The javascript version.
`cpe` String			The Common Platform Enumeration (CPE) name for this library.
`cves` Array			Vulnerabilities associated with this library.
	Object		A vulnerability.
		`cveId` String	The Common Vulnerabilities and Exposures ID (CVE ID).

January 15, 2026: Corrected assessmentName parameter to details.assessment_name
September 16, 2025: Asset name syntax.
May 15, 2024: Linked to vulnerability definition.
August 11, 2023: Published.

Example Response

Response Attributes

Related articles