Red Hat Enterprise Linux 8 · Capability

Red Hat Security Data API — CVEs

Red Hat Security Data API — CVEs. 2 operations. Lead operation: List CVEs. Self-contained Naftiko capability covering one Red Hat Enterprise Linux 8 business surface.

Run with Naftiko Red Hat Enterprise Linux 8CVEs

What You Can Do

GET
Listcves — List CVEs
/v1/cve-json
GET
Getcve — Get CVE Details
/v1/cve/cve-json

MCP Tools

list-cves

List CVEs

read-only idempotent
get-cve-details

Get CVE Details

read-only idempotent

Capability Spec

security-data-cves.yaml Raw ↑ 
naftiko: 1.0.0-alpha2
info:
  label: Red Hat Security Data API — CVEs
  description: 'Red Hat Security Data API — CVEs. 2 operations. Lead operation: List CVEs. Self-contained Naftiko capability
    covering one Red Hat Enterprise Linux 8 business surface.'
  tags:
  - Red Hat Enterprise Linux 8
  - CVEs
  created: '2026-05-19'
  modified: '2026-05-19'
binds:
- namespace: env
  keys:
    RED_HAT_ENTERPRISE_LINUX_8_API_KEY: RED_HAT_ENTERPRISE_LINUX_8_API_KEY
capability:
  consumes:
  - type: http
    namespace: security-data-cves
    baseUri: https://access.redhat.com/labs/securitydataapi
    description: Red Hat Security Data API — CVEs business capability. Self-contained, no shared references.
    resources:
    - name: cve.json
      path: /cve.json
      operations:
      - name: listcves
        method: GET
        description: List CVEs
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: before
          in: query
          type: string
          description: Filter CVEs published before this date (YYYY-MM-DD)
        - name: after
          in: query
          type: string
          description: Filter CVEs published after this date (YYYY-MM-DD)
        - name: ids_only
          in: query
          type: boolean
          description: Return only CVE IDs instead of full objects
        - name: bug
          in: query
          type: string
          description: Filter by associated Bugzilla bug ID
        - name: advisory
          in: query
          type: string
          description: Filter by associated security advisory ID
        - name: severity
          in: query
          type: string
          description: Filter by severity level
        - name: package
          in: query
          type: string
          description: Filter by affected package name
        - name: product
          in: query
          type: string
          description: Filter by affected product name
        - name: cvss_score
          in: query
          type: number
          description: Minimum CVSS score
        - name: cvss3_score
          in: query
          type: number
          description: Minimum CVSS v3 score
        - name: page
          in: query
          type: integer
        - name: per_page
          in: query
          type: integer
    - name: cve-CVE}.json
      path: /cve/{CVE}.json
      operations:
      - name: getcve
        method: GET
        description: Get CVE Details
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: CVE
          in: path
          type: string
          description: The CVE identifier (e.g., CVE-2024-12345)
          required: true
  exposes:
  - type: rest
    namespace: security-data-cves-rest
    port: 8080
    description: REST adapter for Red Hat Security Data API — CVEs. One Spectral-compliant resource per consumed operation,
      prefixed with /v1.
    resources:
    - path: /v1/cve-json
      name: cve-json
      description: REST surface for cve.json.
      operations:
      - method: GET
        name: listcves
        description: List CVEs
        call: security-data-cves.listcves
        with:
          before: rest.before
          after: rest.after
          ids_only: rest.ids_only
          bug: rest.bug
          advisory: rest.advisory
          severity: rest.severity
          package: rest.package
          product: rest.product
          cvss_score: rest.cvss_score
          cvss3_score: rest.cvss3_score
          page: rest.page
          per_page: rest.per_page
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/cve/cve-json
      name: cve-cve-json
      description: REST surface for cve-CVE}.json.
      operations:
      - method: GET
        name: getcve
        description: Get CVE Details
        call: security-data-cves.getcve
        with:
          CVE: rest.CVE
        outputParameters:
        - type: object
          mapping: $.
  - type: mcp
    namespace: security-data-cves-mcp
    port: 9090
    transport: http
    description: MCP adapter for Red Hat Security Data API — CVEs. One tool per consumed operation, routed inline through
      this capability's consumes block.
    tools:
    - name: list-cves
      description: List CVEs
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: security-data-cves.listcves
      with:
        before: tools.before
        after: tools.after
        ids_only: tools.ids_only
        bug: tools.bug
        advisory: tools.advisory
        severity: tools.severity
        package: tools.package
        product: tools.product
        cvss_score: tools.cvss_score
        cvss3_score: tools.cvss3_score
        page: tools.page
        per_page: tools.per_page
      outputParameters:
      - type: object
        mapping: $.
    - name: get-cve-details
      description: Get CVE Details
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: security-data-cves.getcve
      with:
        CVE: tools.CVE
      outputParameters:
      - type: object
        mapping: $.