Fetch fixes for vulnerabilities in a repository or scan

Fetches available fixes for vulnerabilities in a repository or scan. Requires either repo_slug or full_scan_id as well as vulnerability_ids to be provided. vulnerability_ids can be a comma-separated list of GHSA or CVE IDs, or "*" for all vulnerabilities.

Response Structure

The response contains a fixDetails object where each key is a vulnerability ID (GHSA or CVE) and the value is a discriminated union based on the type field.

Common Fields

All response variants include:

  • type: Discriminator field (one of: "fixFound", "partialFixFound", "noFixAvailable", "fixNotApplicable", "errorComputingFix")
  • value: Object containing the variant-specific data

The value object always contains:

  • ghsa: string | null - The GHSA ID
  • cve: string | null - The CVE ID (if available)
  • advisoryDetails: object | null - Advisory details (only if include_details=true)

Response Variants

fixFound: A complete fix is available for all vulnerable packages

  • value.fixDetails.fixes: Array of fix objects, each containing:
    • purl: Package URL to upgrade
    • fixedVersion: Version to upgrade to
    • manifestFiles: Array of manifest files containing the package
    • updateType: "patch" | "minor" | "major" | "unknown"
  • value.fixDetails.responsibleDirectDependencies: (optional) Map of direct dependencies responsible for the vulnerability

partialFixFound: Fixes available for some but not all vulnerable packages

  • Same as fixFound, plus:
  • value.fixDetails.unfixablePurls: Array of packages that cannot be fixed, each containing:
    • purl: Package URL
    • manifestFiles: Array of manifest files

noFixAvailable: No fix exists for this vulnerability (no patched version published)

fixNotApplicable: A fix exists but cannot be applied due to version constraints

  • value.vulnerableArtifacts: Array of vulnerable packages with their manifest files

errorComputingFix: An error occurred while computing fixes

  • value.message: Error description

Advisory Details (when include_details=true)

  • title: string | null
  • description: string | null
  • cwes: string[] - CWE identifiers
  • severity: "LOW" | "MODERATE" | "HIGH" | "CRITICAL"
  • cvssVector: string | null
  • publishedAt: string (ISO date)
  • kev: boolean - Whether it's a Known Exploited Vulnerability
  • epss: number | null - Exploit Prediction Scoring System score
  • affectedPurls: Array of affected packages with version ranges
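The variants above are meant to be dispatched on the type field rather than read by hand. The following is an added example, not code from the API documentation or any official SDK: it walks a fixDetails object, sorts each vulnerability into upgrades, unfixable packages or items for manual review, and orders upgrades so low-risk bumps land first. The response is constructed (placeholder IDs, purls and versions), and the purl field under vulnerableArtifacts is an assumption, since the page does not name that object's fields.

```python
# Added example, not the API's own code. SAMPLE is a constructed response that
# mirrors the documented shape (placeholder IDs, purls, versions); the `purl`
# key inside vulnerableArtifacts is assumed, the page does not name its fields.
SAMPLE = {"fixDetails": {
    "GHSA-aaaa-aaaa-aaaa": {"type": "fixFound", "value": {
        "ghsa": "GHSA-aaaa-aaaa-aaaa", "cve": "CVE-0000-0001",
        "advisoryDetails": {"severity": "HIGH", "kev": True},
        "fixDetails": {"fixes": [{"purl": "pkg:npm/example-lib@1.2.0",
            "fixedVersion": "1.2.1", "manifestFiles": ["package.json"],
            "updateType": "patch"}]}}},
    "GHSA-bbbb-bbbb-bbbb": {"type": "partialFixFound", "value": {
        "ghsa": "GHSA-bbbb-bbbb-bbbb", "cve": None, "advisoryDetails": None,
        "fixDetails": {"fixes": [{"purl": "pkg:pypi/example-a@2.0.0",
            "fixedVersion": "3.0.0", "manifestFiles": ["requirements.txt"],
            "updateType": "major"}],
            "unfixablePurls": [{"purl": "pkg:pypi/example-b@0.1.0",
            "manifestFiles": ["requirements.txt"]}]}}},
    "GHSA-cccc-cccc-cccc": {"type": "fixNotApplicable", "value": {
        "ghsa": "GHSA-cccc-cccc-cccc", "cve": None, "advisoryDetails": None,
        "vulnerableArtifacts": [{"purl": "pkg:npm/example-c@0.9.0",
            "manifestFiles": ["package.json"]}]}},
    "GHSA-dddd-dddd-dddd": {"type": "errorComputingFix", "value": {
        "ghsa": "GHSA-dddd-dddd-dddd", "cve": None, "advisoryDetails": None,
        "message": "resolver timed out"}},
}}

ORDER = {"patch": 0, "minor": 1, "major": 2, "unknown": 3}


def plan_upgrades(response: dict) -> dict:
    """Sort each vulnerability into upgrades, unfixable packages or manual review."""
    plan = {"upgrades": [], "unfixable": [], "review": []}
    for vuln_id, entry in response["fixDetails"].items():
        kind, value = entry["type"], entry["value"]
        details = value.get("advisoryDetails") or {}  # only with include_details=true
        urgent = bool(details.get("kev")) or details.get("severity") == "CRITICAL"
        if kind in ("fixFound", "partialFixFound"):
            for fix in value["fixDetails"]["fixes"]:
                plan["upgrades"].append({"vuln": vuln_id, "urgent": urgent, **fix})
            for pkg in value["fixDetails"].get("unfixablePurls", []):
                plan["unfixable"].append((vuln_id, pkg["purl"]))
        elif kind == "fixNotApplicable":  # fix exists; version constraints block it
            plan["review"].append((vuln_id, kind, [a["purl"] for a in value["vulnerableArtifacts"]]))
        elif kind in ("noFixAvailable", "errorComputingFix"):
            plan["review"].append((vuln_id, kind, value.get("message", "no patched version")))
        else:  # unknown discriminator: fail loudly rather than silently skip a vuln
            raise ValueError(f"unknown fix type {kind!r} for {vuln_id}")
    # apply low-risk bumps first; KEV/critical items first within each tier
    plan["upgrades"].sort(key=lambda u: (ORDER[u["updateType"]], not u["urgent"]))
    return plan
```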

This endpoint consumes 10 units of your quota.

This endpoint requires the following org token scopes:

  • fixes:list