EVC API

Want to query EVC using your own automation? Use our APIs below.

EVC v1.0

Before You Begin

Go to the BlueRock Developers portal.
Sign In to auto-register your account.
Click your email address in the top-left corner and select Apps from the drop down.
Select +NEW APP and provide an App Name (e.g., splunk-lookup) and an optional Description.
Enable the BlueRock EVC 1.0 API.
Save your app and save the Key associated with your app (to be used as the X-API-Keyfor header-based authentication).

After creating your app, initial API key activation can take up to 1 business day to complete. If your API key is still not active after that time, please contact us.

Overview

At a high level, submitting CVEs for analysis by EVC is a three-step process:

Provide the complete list of CVEs you want EVC to analyze. EVC will then return the subset of CVEs it immediately knows about already.
For any previously unknown CVEs, EVC will start a deep research job to exhaustively analyze the remaining CVEs.
Once completed, you can either be notified by EVC via a callback or periodically poll EVC for the final job results.

Deep research jobs usually take about 1-2 hours to complete, depending on the quantity of unknown CVEs.

Technical Details

If you have 1-100 CVEs per query...

Use the HTTP POST /searchendpoint with the application/json content type.

Where typeis set to "query"and queryis set to the set of CVEs you want to search for
EVC will provide the initial search results along with a job_id, corresponding to the deep research job to analyze any previously unknown CVEs.

To check when a deep research job is complete, periodically poll the HTTP GET /search?job_id=endpoint with your corresponding job_id.

When the statusfield is either "done"or "rejected", then the deep research job is complete.
Once complete, the response to this call will be the complete results of all corresponding CVEs in your original query.

(Optional) Instead of polling, you can request to be notified via a callback when the deep research job completes.

To enable this, specify a callback_urlalong with callback_headervalues (that EVC can use authenticate to your callback service)
Once the deep research job completes, EVC sends a callback as an HTTP POSTaction to your callback_url with all callback_headervalues set.
The callback payload in this HTTP POST is{"job_id":"YOUR JOB ID"}.
Use the job_idto query the HTTP GET /search?job_id=endpoint to fetch the completed job results.

If you have more than 100+ CVEs per query...

Use the HTTP POST /searchendpoint with the multipart/form-data content type.

Where typeis set to "file"and file contains the set of CVEs to query against.
EVC will provide the initial search results along with a job_id, corresponding to the deep research job to analyze any previously unknown CVEs.

To check when a deep research job is complete, periodically poll the HTTP GET /search?job_id=endpoint with your corresponding job_id.

When the statusfield is either "done"or "rejected", then the deep research job is complete.
Once complete, the response to this call will be the complete results of all corresponding CVEs in your original query.

(Optional) Instead of polling, you can request to be notified via a callback when the deep research job completes.

To enable this, specify a callback_urlalong with callback_headervalues (that EVC can use authenticate to your callback service)
Once the deep research job completes, EVC sends a callback as an HTTP POSTaction to your callback_url with all callback_headervalues set.
The callback payload in this HTTP POST is{"job_id":"YOUR JOB ID"}.
Use the job_idto query the HTTP GET /search?job_id=endpoint to fetch the completed job results.

OpenAPI Swagger

24KB

bluerock-evc-api-1.0.2.yaml

Open

API Playground

Submit a CVE search query and retrieve results.

post

Authorizations

X-API-KeystringRequired

Header-based X-API-Key for authentication.

Body

typestring · enumRequired

Submission type. Use query for text submissions and file for file uploads.

Possible values:

querystring · max: 2000Required

The text query. Required when type is query.

callback_urlstring · uri | nullableOptional

Optional callback URL sent by EVC as an HTTP POST to notify when processing is complete. Will contain {"job_id": "the job ID", "status": "job status"} as the HTTP body. Invalid URLs will be rejected.

Default: ""

Responses

200

Initial search results and deep research job status.

application/json

default

An error occurred.

application/json

post

/search

POST /evc/1.0/search HTTP/1.1
Host: api.bluerock.io
X-API-Key: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 161

{
  "type": "query",
  "query": "CVE-2024-51378, CVE-2025-1094",
  "callback_url": "https://webhook.domain.com/path/to/callback",
  "callback_header": {
    "X-API-Key": "secretkey"
  }
}

{
  "job_id": "recFCMjjjS3MvPNw1",
  "status": "running",
  "created_at": "2025-03-24T21:09:15.000Z",
  "updated_at": "2025-03-24T21:09:24.000Z",
  "cves_found": 30,
  "cves_analyzed": 30,
  "cve_details": [
    {
      "id": "CVE-2023-38472",
      "name": "Avahi avahi_rdata_parse() Reachable Assertion Vulnerability",
      "description": "A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function.",
      "vendor_project": "Avahi, Red Hat",
      "product": "Avahi, Enterprise Linux",
      "cisa_kev_added_date": null,
      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38472",
      "bluerock_coverage_status": "No",
      "bluerock_coverage_current": "BlueRock does not protect against this CVE at this time.",
      "bluerock_coverage_future": "BlueRock does not protect against this CVE at this time.",
      "expires_at": "2025-06-22T21:09:25.424Z",
      "cvss_version": "3.1",
      "cvss_base_score": "6.2",
      "cvss_base_severity": "MEDIUM",
      "guardrail_categories": [],
      "evc_url": "https://airtable.com/app75PqfZCBCTirXT/pagTt8cSM9MtyCRh3?xGIMk=rec0a6su1gzg07skB"
    },
    {
      "id": "CVE-2021-3468",
      "name": "Avahi Infinite Loop Vulnerability in Client Connection Handling",
      "description": "A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal termination of the client connection is not correctly handled.",
      "vendor_project": "Avahi",
      "product": "Avahi",
      "cisa_kev_added_date": null,
      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3468",
      "bluerock_coverage_status": "No",
      "bluerock_coverage_current": "BlueRock does not protect against this CVE at this time.",
      "bluerock_coverage_future": "BlueRock does not protect against this CVE at this time.",
      "expires_at": "2025-06-22T21:09:25.423Z",
      "cvss_version": "0",
      "cvss_base_score": "0",
      "cvss_base_severity": "UNKNOWN",
      "guardrail_categories": [],
      "evc_url": "https://airtable.com/app75PqfZCBCTirXT/pagTt8cSM9MtyCRh3?xGIMk=rec1S3H2dD79m7syg"
    },
    {
      "id": "CVE-2025-25724",
      "name": "Denial of Service in libarchive via Crafted TAR Archive with Verbose Value",
      "description": "list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service.",
      "vendor_project": "libarchive",
      "product": "libarchive",
      "cisa_kev_added_date": null,
      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25724",
      "bluerock_coverage_status": "No",
      "bluerock_coverage_current": "BlueRock does not protect against this CVE at this time.",
      "bluerock_coverage_future": "BlueRock does not protect against this CVE at this time.",
      "expires_at": "2025-06-22T21:09:25.421Z",
      "cvss_version": "3.1",
      "cvss_base_score": "4",
      "cvss_base_severity": "MEDIUM",
      "guardrail_categories": [],
      "evc_url": "https://airtable.com/app75PqfZCBCTirXT/pagTt8cSM9MtyCRh3?xGIMk=rec1XdzXBVQ1mPRok"
    },
    {
      "id": "CVE-2025-27113",
      "name": "libxml2 NULL Pointer Dereference Vulnerability in xmlPatMatch",
      "description": "libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch.",
      "vendor_project": "GNOME",
      "product": "libxml2",
      "cisa_kev_added_date": null,
      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27113",
      "bluerock_coverage_status": "No",
      "bluerock_coverage_current": "BlueRock does not protect against this CVE at this time.",
      "bluerock_coverage_future": "BlueRock does not protect against this CVE at this time.",
      "expires_at": "2025-06-22T21:09:25.419Z",
      "cvss_version": "3.1",
      "cvss_base_score": "2.9",
      "cvss_base_severity": "LOW",
      "guardrail_categories": [],
      "evc_url": "https://airtable.com/app75PqfZCBCTirXT/pagTt8cSM9MtyCRh3?xGIMk=rec2qkFnH60QGebmu"
    },
    {
      "id": "CVE-2023-48795",
      "name": "Terrapin Attack: SSH Protocol Integrity Bypass in Multiple Products",
      "description": "The SSH transport protocol with certain OpenSSH extensions allows remote attackers to bypass integrity checks, leading to potential security downgrades.",
      "vendor_project": "OpenBSD, PuTTY, FileZilla Project, Microsoft, Panic, Roumen Petrov, WinSCP, Bitvise, LANCOM Systems, VanDyke, libssh, Net-SSH, SSH2 Project, ProFTPD, FreeBSD, Crates, Tera Term Project, Oryx Embedded, CrushFTP, NetSarang, Paramiko, Red Hat, Golang, Russh Project, SFTPGo Project, Erlang, Matez, Libssh2, AsyncSSH Project, Dropbear SSH Project, Jadaptive, SSH, Thorn Tech, Netgate, ConnectBot, Apache, TinySSH, Trilead, 9bis, Gentoo, Fedora Project, Debian, Apple",
      "product": "OpenSSH, PuTTY, FileZilla Client, PowerShell, Transmit, Nova, PKIX-SSH, WinSCP, SSH Client, SSH Server, LCOS, LANconfig, SecureCRT, libssh, net-ssh, SSH2, ProFTPD, FreeBSD, Thrussh, Tera Term, CycloneSSH, CrushFTP, XShell, Paramiko, OpenShift Container Platform, OpenStack Platform, Ceph Storage, Enterprise Linux, OpenShift Serverless, OpenShift GitOps, OpenShift Pipelines, OpenShift Developer Tools and Services, OpenShift Data Foundation, OpenShift API for Data Protection, OpenShift Virtualization, Storage, Discovery, OpenShift Dev Spaces, Cert-Manager Operator for Red Hat OpenShift, Keycloak, JBoss Enterprise Application Platform, Single Sign-On, Advanced Cluster Security, Crypto, Russh, SFTPGo, Erlang/OTP, Jsch, Libssh2, AsyncSSH, Dropbear SSH, Maverick Synergy Java SSH API, SFTP Gateway, pfSense Plus, pfSense CE, ConnectBot SSH Library, SSHD, SSHJ, TinySSH, Trilead SSH2, KiTTY, Security, Fedora, Debian Linux, macOS",
      "cisa_kev_added_date": null,
      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
      "bluerock_coverage_status": "Planned (Future Mechanism)",
      "bluerock_coverage_current": "BlueRock does not protect against this CVE at this time.",
      "bluerock_coverage_future": "The CVE-2023-48795 describes a vulnerability in the SSH transport protocol that allows attackers to bypass integrity checks. The BlueRock mechanism 'SSH Deep Auth & SSH Least Privilege' is applicable to address this issue.",
      "expires_at": "2025-06-22T21:09:25.418Z",
      "cvss_version": "3.1",
      "cvss_base_score": "5.9",
      "cvss_base_severity": "MEDIUM",
      "guardrail_categories": [
        "Application"
      ],
      "evc_url": "https://airtable.com/app75PqfZCBCTirXT/pagTt8cSM9MtyCRh3?xGIMk=rec33ppiDFi6ILNxk"
    },
    {
      "id": "CVE-2023-38473",
      "name": "Avahi Reachable Assertion Vulnerability in avahi_alternative_host_name Function",
      "description": "A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function.",
      "vendor_project": "Avahi, Red Hat",
      "product": "Avahi, Enterprise Linux",
      "cisa_kev_added_date": null,
      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38473",
      "bluerock_coverage_status": "No",
      "bluerock_coverage_current": "BlueRock does not protect against this CVE at this time.",
      "bluerock_coverage_future": "BlueRock does not protect against this CVE at this time.",
      "expires_at": "2025-06-22T21:09:25.416Z",
      "cvss_version": "3.1",
      "cvss_base_score": "6.2",
      "cvss_base_severity": "MEDIUM",
      "guardrail_categories": [],
      "evc_url": "https://airtable.com/app75PqfZCBCTirXT/pagTt8cSM9MtyCRh3?xGIMk=rec3ggb5q0oAzdgMI"
    },
    {
      "id": "CVE-2022-3219",
      "name": "GnuPG Vulnerability Allows Denial of Service via Crafted Public Key with Multiple Signatures",
      "description": "GnuPG can be made to spin on a small input by crafting a public key with thousands of signatures.",
      "vendor_project": "GnuPG",
      "product": "GnuPG",
      "cisa_kev_added_date": null,
      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3219",
      "bluerock_coverage_status": "No",
      "bluerock_coverage_current": "BlueRock does not protect against this CVE at this time.",
      "bluerock_coverage_future": "BlueRock does not protect against this CVE at this time.",
      "expires_at": "2025-06-22T21:09:25.414Z",
      "cvss_version": "3.1",
      "cvss_base_score": "3.3",
      "cvss_base_severity": "LOW",
      "guardrail_categories": [],
      "evc_url": "https://airtable.com/app75PqfZCBCTirXT/pagTt8cSM9MtyCRh3?xGIMk=rec4INbWv4hV6UhMJ"
    },
    {
      "id": "CVE-2024-10041",
      "name": "Linux-PAM Speculative Execution Vulnerability Leading to Password Leakage",
      "description": "A vulnerability in PAM that may leak passwords during authentication due to speculative execution.",
      "vendor_project": "Linux-PAM, Red Hat",
      "product": "Linux-PAM, Enterprise Linux",
      "cisa_kev_added_date": null,
      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10041",
      "bluerock_coverage_status": "Planned (Future Mechanism)",
      "bluerock_coverage_current": "BlueRock does not protect against this CVE at this time.",
      "bluerock_coverage_future": "The CVE-2024-10041 involves speculative execution leading to password leakage, partially mitigated by Linux/Host Drift Protection.",
      "expires_at": "2025-06-22T21:09:25.413Z",
      "cvss_version": "3.1",
      "cvss_base_score": "4.7",
      "cvss_base_severity": "MEDIUM",
      "guardrail_categories": [
        "Linux/Host"
      ],
      "evc_url": "https://airtable.com/app75PqfZCBCTirXT/pagTt8cSM9MtyCRh3?xGIMk=rec68sR9pzmfx8KCA"
    },
    {
      "id": "CVE-2024-50349",
      "name": "Git Terminal Credential Prompt ANSI Escape Sequence Vulnerability",
      "description": "Git's terminal credential prompt may render URL-decoded ANSI escape sequences, confusing users and potentially capturing sensitive credentials.",
      "vendor_project": "Git",
      "product": "Git",
      "cisa_kev_added_date": null,
      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50349",
      "bluerock_coverage_status": "Yes",
      "bluerock_coverage_current": "The CVE can be partially mitigated by BlueRock using mechanisms like File Operations Protection, Reverse Shell Protection, Linux/Host Drift Protection, and Process Runtime Execution Guardrails.",
      "bluerock_coverage_future": "The mitigation involves similar mechanisms as in the current response, enforcing guardrails against unauthorized process execution.",
      "expires_at": "2025-06-22T21:09:25.411Z",
      "cvss_version": "4",
      "cvss_base_score": "2.1",
      "cvss_base_severity": "LOW",
      "guardrail_categories": [
        "Linux/Host",
        "Application"
      ],
      "evc_url": "https://airtable.com/app75PqfZCBCTirXT/pagTt8cSM9MtyCRh3?xGIMk=rec7bvcd7gCHw8k4J"
    },
    {
      "id": "CVE-2023-37769",
      "name": "Pixman FPE Vulnerability in combine_inner Component",
      "description": "A Floating Point Exception vulnerability in Pixman that can lead to Denial of Service.",
      "vendor_project": "Pixman",
      "product": "Pixman",
      "cisa_kev_added_date": null,
      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37769",
      "bluerock_coverage_status": "Yes",
      "bluerock_coverage_current": "The vulnerability involves a Floating Point Exception which may lead to DoS; mitigations include Kernel Integrity Protection and Process Runtime Execution Guardrails.",
      "bluerock_coverage_future": "The same mechanisms are expected to mitigate future risks associated with this vulnerability.",
      "expires_at": "2025-06-22T21:09:25.409Z",
      "cvss_version": "3.1",
      "cvss_base_score": "6.5",
      "cvss_base_severity": "MEDIUM",
      "guardrail_categories": [
        "Linux/Host",
        "Application"
      ],
      "evc_url": "https://airtable.com/app75PqfZCBCTirXT/pagTt8cSM9MtyCRh3?xGIMk=rec8f728Sd3qaXAKr"
    }
  ],
  "callback_last_sent_at": null,
  "callback_status": null,
  "callback_count": 0,
  "total_pages": 3,
  "page_size": 10,
  "offset": 0,
  "next_offset": 10
}

Retrieve the deep research job status by job_id.

get

Authorizations

X-API-KeystringRequired

Header-based X-API-Key for authentication.

Query parameters

job_idstringRequired

The unique identifier for the deep research job.

page_sizeinteger · min: 1 · max: 100Optional

Number of items to return per page. Defaults to 10.

Default: 10

offsetintegerOptional

The starting position of the returned items in the overall result set. Defaults to 0.

Default: 0

Responses

200

Deep research job status and current response.

application/json

default

An error occurred.

application/json

get

/search

GET /evc/1.0/search?job_id=text HTTP/1.1
Host: api.bluerock.io
X-API-Key: YOUR_API_KEY
Accept: */*

{
  "job_id": "recFCMjjjS3MvPNw1",
  "status": "running",
  "created_at": "2025-03-24T21:09:15.000Z",
  "updated_at": "2025-03-24T21:09:24.000Z",
  "cves_found": 30,
  "cves_analyzed": 30,
  "cve_details": [
    {
      "id": "CVE-2023-38472",
      "name": "Avahi avahi_rdata_parse() Reachable Assertion Vulnerability",
      "description": "A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function.",
      "vendor_project": "Avahi, Red Hat",
      "product": "Avahi, Enterprise Linux",
      "cisa_kev_added_date": null,
      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38472",
      "bluerock_coverage_status": "No",
      "bluerock_coverage_current": "BlueRock does not protect against this CVE at this time.",
      "bluerock_coverage_future": "BlueRock does not protect against this CVE at this time.",
      "expires_at": "2025-06-22T21:09:25.424Z",
      "cvss_version": "3.1",
      "cvss_base_score": "6.2",
      "cvss_base_severity": "MEDIUM",
      "guardrail_categories": [],
      "evc_url": "https://airtable.com/app75PqfZCBCTirXT/pagTt8cSM9MtyCRh3?xGIMk=rec0a6su1gzg07skB"
    },
    {
      "id": "CVE-2021-3468",
      "name": "Avahi Infinite Loop Vulnerability in Client Connection Handling",
      "description": "A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal termination of the client connection is not correctly handled.",
      "vendor_project": "Avahi",
      "product": "Avahi",
      "cisa_kev_added_date": null,
      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3468",
      "bluerock_coverage_status": "No",
      "bluerock_coverage_current": "BlueRock does not protect against this CVE at this time.",
      "bluerock_coverage_future": "BlueRock does not protect against this CVE at this time.",
      "expires_at": "2025-06-22T21:09:25.423Z",
      "cvss_version": "0",
      "cvss_base_score": "0",
      "cvss_base_severity": "UNKNOWN",
      "guardrail_categories": [],
      "evc_url": "https://airtable.com/app75PqfZCBCTirXT/pagTt8cSM9MtyCRh3?xGIMk=rec1S3H2dD79m7syg"
    },
    {
      "id": "CVE-2025-25724",
      "name": "Denial of Service in libarchive via Crafted TAR Archive with Verbose Value",
      "description": "list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service.",
      "vendor_project": "libarchive",
      "product": "libarchive",
      "cisa_kev_added_date": null,
      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25724",
      "bluerock_coverage_status": "No",
      "bluerock_coverage_current": "BlueRock does not protect against this CVE at this time.",
      "bluerock_coverage_future": "BlueRock does not protect against this CVE at this time.",
      "expires_at": "2025-06-22T21:09:25.421Z",
      "cvss_version": "3.1",
      "cvss_base_score": "4",
      "cvss_base_severity": "MEDIUM",
      "guardrail_categories": [],
      "evc_url": "https://airtable.com/app75PqfZCBCTirXT/pagTt8cSM9MtyCRh3?xGIMk=rec1XdzXBVQ1mPRok"
    },
    {
      "id": "CVE-2025-27113",
      "name": "libxml2 NULL Pointer Dereference Vulnerability in xmlPatMatch",
      "description": "libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch.",
      "vendor_project": "GNOME",
      "product": "libxml2",
      "cisa_kev_added_date": null,
      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27113",
      "bluerock_coverage_status": "No",
      "bluerock_coverage_current": "BlueRock does not protect against this CVE at this time.",
      "bluerock_coverage_future": "BlueRock does not protect against this CVE at this time.",
      "expires_at": "2025-06-22T21:09:25.419Z",
      "cvss_version": "3.1",
      "cvss_base_score": "2.9",
      "cvss_base_severity": "LOW",
      "guardrail_categories": [],
      "evc_url": "https://airtable.com/app75PqfZCBCTirXT/pagTt8cSM9MtyCRh3?xGIMk=rec2qkFnH60QGebmu"
    },
    {
      "id": "CVE-2023-48795",
      "name": "Terrapin Attack: SSH Protocol Integrity Bypass in Multiple Products",
      "description": "The SSH transport protocol with certain OpenSSH extensions allows remote attackers to bypass integrity checks, leading to potential security downgrades.",
      "vendor_project": "OpenBSD, PuTTY, FileZilla Project, Microsoft, Panic, Roumen Petrov, WinSCP, Bitvise, LANCOM Systems, VanDyke, libssh, Net-SSH, SSH2 Project, ProFTPD, FreeBSD, Crates, Tera Term Project, Oryx Embedded, CrushFTP, NetSarang, Paramiko, Red Hat, Golang, Russh Project, SFTPGo Project, Erlang, Matez, Libssh2, AsyncSSH Project, Dropbear SSH Project, Jadaptive, SSH, Thorn Tech, Netgate, ConnectBot, Apache, TinySSH, Trilead, 9bis, Gentoo, Fedora Project, Debian, Apple",
      "product": "OpenSSH, PuTTY, FileZilla Client, PowerShell, Transmit, Nova, PKIX-SSH, WinSCP, SSH Client, SSH Server, LCOS, LANconfig, SecureCRT, libssh, net-ssh, SSH2, ProFTPD, FreeBSD, Thrussh, Tera Term, CycloneSSH, CrushFTP, XShell, Paramiko, OpenShift Container Platform, OpenStack Platform, Ceph Storage, Enterprise Linux, OpenShift Serverless, OpenShift GitOps, OpenShift Pipelines, OpenShift Developer Tools and Services, OpenShift Data Foundation, OpenShift API for Data Protection, OpenShift Virtualization, Storage, Discovery, OpenShift Dev Spaces, Cert-Manager Operator for Red Hat OpenShift, Keycloak, JBoss Enterprise Application Platform, Single Sign-On, Advanced Cluster Security, Crypto, Russh, SFTPGo, Erlang/OTP, Jsch, Libssh2, AsyncSSH, Dropbear SSH, Maverick Synergy Java SSH API, SFTP Gateway, pfSense Plus, pfSense CE, ConnectBot SSH Library, SSHD, SSHJ, TinySSH, Trilead SSH2, KiTTY, Security, Fedora, Debian Linux, macOS",
      "cisa_kev_added_date": null,
      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
      "bluerock_coverage_status": "Planned (Future Mechanism)",
      "bluerock_coverage_current": "BlueRock does not protect against this CVE at this time.",
      "bluerock_coverage_future": "The CVE-2023-48795 describes a vulnerability in the SSH transport protocol that allows attackers to bypass integrity checks. The BlueRock mechanism 'SSH Deep Auth & SSH Least Privilege' is applicable to address this issue.",
      "expires_at": "2025-06-22T21:09:25.418Z",
      "cvss_version": "3.1",
      "cvss_base_score": "5.9",
      "cvss_base_severity": "MEDIUM",
      "guardrail_categories": [
        "Application"
      ],
      "evc_url": "https://airtable.com/app75PqfZCBCTirXT/pagTt8cSM9MtyCRh3?xGIMk=rec33ppiDFi6ILNxk"
    },
    {
      "id": "CVE-2023-38473",
      "name": "Avahi Reachable Assertion Vulnerability in avahi_alternative_host_name Function",
      "description": "A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function.",
      "vendor_project": "Avahi, Red Hat",
      "product": "Avahi, Enterprise Linux",
      "cisa_kev_added_date": null,
      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38473",
      "bluerock_coverage_status": "No",
      "bluerock_coverage_current": "BlueRock does not protect against this CVE at this time.",
      "bluerock_coverage_future": "BlueRock does not protect against this CVE at this time.",
      "expires_at": "2025-06-22T21:09:25.416Z",
      "cvss_version": "3.1",
      "cvss_base_score": "6.2",
      "cvss_base_severity": "MEDIUM",
      "guardrail_categories": [],
      "evc_url": "https://airtable.com/app75PqfZCBCTirXT/pagTt8cSM9MtyCRh3?xGIMk=rec3ggb5q0oAzdgMI"
    },
    {
      "id": "CVE-2022-3219",
      "name": "GnuPG Vulnerability Allows Denial of Service via Crafted Public Key with Multiple Signatures",
      "description": "GnuPG can be made to spin on a small input by crafting a public key with thousands of signatures.",
      "vendor_project": "GnuPG",
      "product": "GnuPG",
      "cisa_kev_added_date": null,
      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3219",
      "bluerock_coverage_status": "No",
      "bluerock_coverage_current": "BlueRock does not protect against this CVE at this time.",
      "bluerock_coverage_future": "BlueRock does not protect against this CVE at this time.",
      "expires_at": "2025-06-22T21:09:25.414Z",
      "cvss_version": "3.1",
      "cvss_base_score": "3.3",
      "cvss_base_severity": "LOW",
      "guardrail_categories": [],
      "evc_url": "https://airtable.com/app75PqfZCBCTirXT/pagTt8cSM9MtyCRh3?xGIMk=rec4INbWv4hV6UhMJ"
    },
    {
      "id": "CVE-2024-10041",
      "name": "Linux-PAM Speculative Execution Vulnerability Leading to Password Leakage",
      "description": "A vulnerability in PAM that may leak passwords during authentication due to speculative execution.",
      "vendor_project": "Linux-PAM, Red Hat",
      "product": "Linux-PAM, Enterprise Linux",
      "cisa_kev_added_date": null,
      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10041",
      "bluerock_coverage_status": "Planned (Future Mechanism)",
      "bluerock_coverage_current": "BlueRock does not protect against this CVE at this time.",
      "bluerock_coverage_future": "The CVE-2024-10041 involves speculative execution leading to password leakage, partially mitigated by Linux/Host Drift Protection.",
      "expires_at": "2025-06-22T21:09:25.413Z",
      "cvss_version": "3.1",
      "cvss_base_score": "4.7",
      "cvss_base_severity": "MEDIUM",
      "guardrail_categories": [
        "Linux/Host"
      ],
      "evc_url": "https://airtable.com/app75PqfZCBCTirXT/pagTt8cSM9MtyCRh3?xGIMk=rec68sR9pzmfx8KCA"
    },
    {
      "id": "CVE-2024-50349",
      "name": "Git Terminal Credential Prompt ANSI Escape Sequence Vulnerability",
      "description": "Git's terminal credential prompt may render URL-decoded ANSI escape sequences, confusing users and potentially capturing sensitive credentials.",
      "vendor_project": "Git",
      "product": "Git",
      "cisa_kev_added_date": null,
      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50349",
      "bluerock_coverage_status": "Yes",
      "bluerock_coverage_current": "The CVE can be partially mitigated by BlueRock using mechanisms like File Operations Protection, Reverse Shell Protection, Linux/Host Drift Protection, and Process Runtime Execution Guardrails.",
      "bluerock_coverage_future": "The mitigation involves similar mechanisms as in the current response, enforcing guardrails against unauthorized process execution.",
      "expires_at": "2025-06-22T21:09:25.411Z",
      "cvss_version": "4",
      "cvss_base_score": "2.1",
      "cvss_base_severity": "LOW",
      "guardrail_categories": [
        "Linux/Host",
        "Application"
      ],
      "evc_url": "https://airtable.com/app75PqfZCBCTirXT/pagTt8cSM9MtyCRh3?xGIMk=rec7bvcd7gCHw8k4J"
    },
    {
      "id": "CVE-2023-37769",
      "name": "Pixman FPE Vulnerability in combine_inner Component",
      "description": "A Floating Point Exception vulnerability in Pixman that can lead to Denial of Service.",
      "vendor_project": "Pixman",
      "product": "Pixman",
      "cisa_kev_added_date": null,
      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37769",
      "bluerock_coverage_status": "Yes",
      "bluerock_coverage_current": "The vulnerability involves a Floating Point Exception which may lead to DoS; mitigations include Kernel Integrity Protection and Process Runtime Execution Guardrails.",
      "bluerock_coverage_future": "The same mechanisms are expected to mitigate future risks associated with this vulnerability.",
      "expires_at": "2025-06-22T21:09:25.409Z",
      "cvss_version": "3.1",
      "cvss_base_score": "6.5",
      "cvss_base_severity": "MEDIUM",
      "guardrail_categories": [
        "Linux/Host",
        "Application"
      ],
      "evc_url": "https://airtable.com/app75PqfZCBCTirXT/pagTt8cSM9MtyCRh3?xGIMk=rec8f728Sd3qaXAKr"
    }
  ],
  "callback_last_sent_at": null,
  "callback_status": null,
  "callback_count": 0,
  "total_pages": 3,
  "page_size": 10,
  "offset": 0,
  "next_offset": 10
}

FAQ

What source IP addresses are used by BlueRock EVC to send callbacks?

Callbacks generated by BlueRock EVC will originate from Airtable-owned dynamic IP addresses. More information about this can be found here.

BlueRock EVC appears to have excluded or ignored some of my CVEs. Why did that happen?

BlueRock EVC automatically ignores and omits any CVEs that are currently marked as Rejected or Reserved. For CVEs that are currently Reserved, wait until the CVE details are Published and then retry your query.

What are the set of CVEs currently known to BlueRock EVC?

EVC automatically tracks all MITRE CVEs that were either created or updated by NIST NVD on or after 2025. At the time of this writing, this represents about 10-20% of all CVEs across all time.

How long do deep research jobs usually take in BlueRock EVC?

Deep research jobs usually take 1-2 hours, depending on the quantity of CVEs provided that are initially unknown to BlueRock EVC.

Are there any plans to have BlueRock EVC retroactively evaluate older CVEs at scale?

Not at this time. By simply providing EVC queries of older CVEs, the system will automatically evaluate older CVEs through subsequent deep research jobs.

For any lookups made to BlueRock EVC, should I store and use those results forever?

No. As new security mechanisms and features are added to the BlueRock platform, subsequent coverage of existing CVEs may change over time. As such, EVC will periodically reevaluate corresponding coverage as new versions of BlueRock are publicly released. Furthermore, if material details about a CVE change over time, EVC will also reevaluate corresponding coverage, accordingly.

In the API output, each corresponding element within the cve_detailsarray has an expires_at timestamp representing a future expiration date as to how long you should store intermediate results in a local cache. Once expired, it is recommended to re-query the BlueRock EVC for any new information about corresponding coverage for each CVE.

What about CVEs that evolve over time? How does BlueRock EVC account for those?

See earlier answer to question 6.

What does BlueRock EVC do about CVEs that are Rejected or Reserved?

BlueRock EVC ignores and omits any CVEs that are Rejected or Reserved from all outputs. This includes any CVEs that might look valid but are not officially published (yet). For any of these CVEs, please resubmit them to EVC once the CVE details are published.

I have other questions. What do I do?

PreviousCVE Lookups

Last updated 6 months ago

Was this helpful?