List issues for a package

The Snyk REST API endpoint List issues for a package can be used to get all direct (non-transitive) vulnerabilities for a package using its purl, which is a uniform way of identifying software packages across ecosystems as defined in the package URL specification.

When you pass a purl to the endpoint, Snyk will find any known vulnerabilities for that package and return them as part of the response body.

The API is useful when you have a list of packages and want to retrieve a list of vulnerabilities for a package version.

Supported purl types

The current release supports the following purl types: apk, cargo, cocoapods, composer, deb, gem, generic, golang, hex, npm,