Enterprise TruRisk™ Platform Release 10.37.2 API
February 23, 2026
In the API Release Notes, <qualys_base_url> is used as a sample API request to represent the API server URL. To learn more about the API server URL for your environment, refer to the Know Your Qualys API Server URL section.
API versioning is supported across Qualys APIs. To learn more about versioning standards and deprecation timelines, refer to the Updates on API Versioning Standards & Deprecation Timelines blog.
Qualys Vulnerability Management (VM)
KnowledgeBase Enhancement - Support for Search List for Deep Scan QIDs
With this feature, we have introduced support for filtering Deep Scan QIDs in the KnowledgeBase and Dynamic Search List APIs. This enhancement allows you to retrieve QIDs associated with Deep Scan - Windows scans.
KnowledgeBase API
Added a new input parameter, cloud_agent_scan_type. Use this parameter to filter QIDs based on the Cloud Agent Scan Type.
When this filter is applied, only Deep Scan QIDs are returned in the response.
| New or Updated API | Updated |
| API Endpoint | /api/3.0/fo/knowledge_base/vuln/ |
| EOS Timeline: August 2026 | |
| EOL Timeline: February 2027 | |
| API Endpoint (New Version) |
/api/4.0/fo/knowledge_base/vuln/ |
| Method | GET |
| DTD or XSD changes | Yes |
Input ParameterInput Parameter
| Parameter Name |
Required/ Optional |
Data Type |
Description |
| cloud_agent_scan_type |
Optional | String | Required for fetching data for Deep Scan QIDs. |
Sample - Knowledge Base for Deep Scan QIDsSample - Knowledge Base for Deep Scan QIDs
API Request
curl location <qualys_base_url>/api/4.0/fo/knowledge_base/vuln/?action=list&details=None&cloud_agent_scan_type=Deep%20Scan%20-%20Windows' \ header 'Content-Type: test/xml' \ header 'X-Requested-With: test' \ header 'Accept-Encoding: *' \ header 'Authorization: Bearer <JWT Token>
API Response
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE KNOWLEDGE_BASE_VULN_LIST_OUTPUT SYSTEM <qualys_base_url>/api/4.0/fo/knowledge_base/vuln/knowledge_base_vuln_list_output.dtd"> <KNOWLEDGE_BASE_VULN_LIST_OUTPUT> <RESPONSE> <DATETIME>2025-12-11T10:08:37Z</DATETIME> <ID_SET> <ID>45692</ID> <ID>92291</ID> <ID>92310</ID> <ID>92316</ID> <ID>92319</ID> <ID>382697</ID> <ID>382991</ID> <ID>383087</ID> <ID_RANGE>383090-383092</ID_RANGE> <ID>383097</ID> <ID>383116</ID> <ID>383138</ID> <ID_RANGE>383140-383141</ID_RANGE> <ID>383243</ID> <ID_RANGE>383249-383250</ID_RANGE> <ID>383396</ID> <ID>383400</ID> <ID>383414</ID> <ID>383416</ID> <ID>383422</ID> <ID>383426</ID> <ID>383428</ID> <ID>383463</ID> <ID>383478</ID> <ID>383481</ID> <ID_RANGE>383568-383569</ID_RANGE> <ID>383572</ID> <ID>383578</ID> <ID>383587</ID> <ID_RANGE>383592-383593</ID_RANGE> <ID>383596</ID> <ID>383598</ID> <ID>383609</ID> <ID>383645</ID> <ID_RANGE>383648-383657</ID_RANGE> <ID_RANGE>383660-383662</ID_RANGE> <ID>383664</ID> <ID_RANGE>383669-383670</ID_RANGE> <ID_RANGE>383672-383705</ID_RANGE> <ID>383709</ID> <ID>383711</ID> <ID>383717</ID> <ID_RANGE>383719-383725</ID_RANGE> <ID_RANGE>383729-383730</ID_RANGE> <ID_RANGE>383741-383850</ID_RANGE> <ID_RANGE>383852-383915</ID_RANGE> <ID_RANGE>383917-383939</ID_RANGE> <ID>383941</ID> <ID_RANGE>383943-383946</ID_RANGE> <ID>383966</ID> <ID_RANGE>383971-384172</ID_RANGE> <ID_RANGE>384174-384256</ID_RANGE> <ID_RANGE>384258-384329</ID_RANGE> <ID_RANGE>384332-384349</ID_RANGE> <ID_RANGE>384511-384518</ID_RANGE> <ID_RANGE>384574-384578</ID_RANGE> <ID_RANGE>384580-384605</ID_RANGE> <ID_RANGE>384611-384613</ID_RANGE> <ID>384615</ID> <ID_RANGE>384626-384644</ID_RANGE> <ID_RANGE>384649-384650</ID_RANGE> <ID>384652</ID> <ID_RANGE>384654-384674</ID_RANGE> <ID>384676</ID> <ID_RANGE>384678-384687</ID_RANGE> <ID>384689</ID> <ID>384692</ID> <ID>385099</ID> <ID_RANGE>385106-385108</ID_RANGE> <ID>385148</ID> <ID_RANGE>385160-385203</ID_RANGE> <ID_RANGE>385205-385206</ID_RANGE> <ID_RANGE>385208-385230</ID_RANGE> <ID_RANGE>385238-385270</ID_RANGE> <ID_RANGE>385272-385273</ID_RANGE> <ID_RANGE>385275-385276</ID_RANGE> <ID_RANGE>385278-385279</ID_RANGE> <ID_RANGE>385281-385285</ID_RANGE> <ID_RANGE>385287-385330</ID_RANGE> <ID_RANGE>385358-385365</ID_RANGE> <ID_RANGE>385368-385372</ID_RANGE> <ID>385374</ID> <ID>385385</ID> <ID_RANGE>385397-385401</ID_RANGE> <ID_RANGE>385403-385424</ID_RANGE> <ID_RANGE>385432-385436</ID_RANGE> <ID_RANGE>385448-385451</ID_RANGE> <ID_RANGE>385456-385477</ID_RANGE> <ID_RANGE>385479-385484</ID_RANGE> <ID_RANGE>385486-385493</ID_RANGE> <ID_RANGE>385496-385501</ID_RANGE> <ID>385504</ID> <ID>385508</ID> <ID>385526</ID> <ID>385536</ID> <ID>385593</ID> <ID>385604</ID> <ID_RANGE>385609-385611</ID_RANGE> <ID>385773</ID> <ID_RANGE>385775-385777</ID_RANGE> <ID_RANGE>385793-385857</ID_RANGE> <ID>385865</ID> <ID>385941</ID> <ID>385979</ID> <ID_RANGE>385998-386013</ID_RANGE> <ID>386019</ID> <ID_RANGE>386054-386059</ID_RANGE> <ID_RANGE>386120-386122</ID_RANGE> <ID>386128</ID> <ID>386130</ID> <ID>386136</ID> </ID_SET> </RESPONSE> </KNOWLEDGE_BASE_VULN_LIST_OUTPUT>
DTD Output for Knowledge Base for Deep Scan QIDsDTD Output for Knowledge Base for Deep Scan QIDs
A DTD for the Knowledge Base API has been added.
<platform API server>/api/4.0/fo/knowledge_base/vuln/knowledge_base_vuln_list_output.dtd>
CVSS V4 will be available in the subsequent release, though it is visible in the DTD Response.
DTD output for the Knowledge Base API is as follows:
DTD Output
<!-- QUALYS KNOWLEDGE_BASE_VULN_LIST_OUTPUT DTD -->
<!-- $Revision: TBD $ -->
<!ELEMENT KNOWLEDGE_BASE_VULN_LIST_OUTPUT (REQUEST?,RESPONSE)>
<!ELEMENT REQUEST (DATETIME, USER_LOGIN, RESOURCE, PARAM_LIST?, POST_DATA?)>
<!ELEMENT DATETIME (#PCDATA)>
<!ELEMENT USER_LOGIN (#PCDATA)>
<!ELEMENT RESOURCE (#PCDATA)>
<!ELEMENT PARAM_LIST (PARAM+)>
<!ELEMENT PARAM (KEY, VALUE)>
<!ELEMENT KEY (#PCDATA)>
<!ELEMENT VALUE (#PCDATA)>
<!-- if returned, POST_DATA will be urlencoded -->
<!ELEMENT POST_DATA (#PCDATA)>
<!ELEMENT RESPONSE (DATETIME, (VULN_LIST|ID_SET)?, WARNING?)>
<!-- DATETIME already defined -->
<!ELEMENT VULN_LIST (VULN*)>
<!ELEMENT VULN (QID, VULN_TYPE, SEVERITY_LEVEL, TITLE, CATEGORY?,TECHNOLOGY?, DETECTION_INFO?,
LAST_CUSTOMIZATION?, LAST_SERVICE_MODIFICATION_DATETIME?, PUBLISHED_DATETIME, CODE_MODIFIED_DATETIME?,
BUGTRAQ_LIST?, PATCHABLE, PATCH_PUBLISHED_DATE?, SOFTWARE_LIST?, VENDOR_REFERENCE_LIST?, CVE_LIST?,
DIAGNOSIS?, DIAGNOSIS_COMMENT?, CONSEQUENCE?, CONSEQUENCE_COMMENT?,
SOLUTION?, SOLUTION_COMMENT?, COMPLIANCE_LIST?, CORRELATION?, CVSS?, CVSS_V3?, CVSS_V4?, PCI_FLAG?, AUTOMATIC_PCI_FAIL?, PCI_REASONS?, THREAT_INTELLIGENCE?, SUPPORTED_MODULES?, DISCOVERY, IS_DISABLED?, CHANGE_LOG_LIST? )>
<!ELEMENT QID (#PCDATA)>
<!ELEMENT VULN_TYPE (#PCDATA)>
<!ELEMENT SEVERITY_LEVEL (#PCDATA)>
<!ELEMENT TITLE (#PCDATA)>
<!ELEMENT CATEGORY (#PCDATA)>
<!ELEMENT TECHNOLOGY (#PCDATA)>
<!ELEMENT DETECTION_INFO (#PCDATA)>
<!ELEMENT LAST_CUSTOMIZATION (DATETIME, USER_LOGIN?)>
<!-- USER_LOGIN already defined (no USER_LOGIN for OVAL Vulns) -->
<!ELEMENT LAST_SERVICE_MODIFICATION_DATETIME (#PCDATA)>
<!ELEMENT PUBLISHED_DATETIME (#PCDATA)>
<!ELEMENT CODE_MODIFIED_DATETIME (#PCDATA)>
<!ELEMENT BUGTRAQ_LIST (BUGTRAQ+)>
<!ELEMENT BUGTRAQ (ID, URL)>
<!ELEMENT ID (#PCDATA)>
<!ELEMENT URL (#PCDATA)>
<!ELEMENT PATCHABLE (#PCDATA)>
<!ELEMENT PATCH_PUBLISHED_DATE (#PCDATA)>
<!ELEMENT SOFTWARE_LIST (SOFTWARE+)>
<!ELEMENT SOFTWARE (PRODUCT, VENDOR)>
<!ELEMENT PRODUCT (#PCDATA)>
<!ELEMENT VENDOR (#PCDATA)>
<!ELEMENT VENDOR_REFERENCE_LIST (VENDOR_REFERENCE+)>
<!ELEMENT VENDOR_REFERENCE (ID, URL)>
<!ELEMENT CVE_LIST (CVE+)>
<!ELEMENT CVE (ID, URL)>
<!-- ID, URL already defined -->
<!ELEMENT DIAGNOSIS (#PCDATA)>
<!ELEMENT DIAGNOSIS_COMMENT (#PCDATA)>
<!ELEMENT CONSEQUENCE (#PCDATA)>
<!ELEMENT CONSEQUENCE_COMMENT (#PCDATA)>
<!ELEMENT SOLUTION (#PCDATA)>
<!ELEMENT SOLUTION_COMMENT (#PCDATA)>
<!ELEMENT COMPLIANCE_LIST (COMPLIANCE+)>
<!ELEMENT COMPLIANCE (TYPE, SECTION, DESCRIPTION)>
<!ELEMENT TYPE (#PCDATA)>
<!ELEMENT SECTION (#PCDATA)>
<!ELEMENT DESCRIPTION (#PCDATA)>
<!ELEMENT CORRELATION (EXPLOITS?, MALWARE?)>
<!ELEMENT EXPLOITS (EXPLT_SRC+)>
<!ELEMENT EXPLT_SRC (SRC_NAME, EXPLT_LIST)>
<!ELEMENT SRC_NAME (#PCDATA)>
<!ELEMENT EXPLT_LIST (EXPLT+)>
<!ELEMENT EXPLT (REF, DESC, LINK?)>
<!ELEMENT REF (#PCDATA)>
<!ELEMENT DESC (#PCDATA)>
<!ELEMENT LINK (#PCDATA)>
<!ELEMENT MALWARE (MW_SRC+)>
<!ELEMENT MW_SRC (SRC_NAME, MW_LIST)>
<!ELEMENT MW_LIST (MW_INFO+)>
<!ELEMENT MW_INFO (MW_ID, MW_TYPE?, MW_PLATFORM?, MW_ALIAS?, MW_RATING?, MW_LINK?)>
<!ELEMENT MW_ID (#PCDATA)>
<!ELEMENT MW_TYPE (#PCDATA)>
<!ELEMENT MW_PLATFORM (#PCDATA)>
<!ELEMENT MW_ALIAS (#PCDATA)>
<!ELEMENT MW_RATING (#PCDATA)>
<!ELEMENT MW_LINK (#PCDATA)>
<!ELEMENT CVSS (BASE?, TEMPORAL?, VECTOR_STRING?, ACCESS?, IMPACT?, AUTHENTICATION?,
EXPLOITABILITY?, REMEDIATION_LEVEL?, REPORT_CONFIDENCE?)>
<!ELEMENT BASE (#PCDATA)>
<!ATTLIST BASE source CDATA #IMPLIED>
<!ELEMENT TEMPORAL (#PCDATA)>
<!ELEMENT VECTOR_STRING (#PCDATA)>
<!ELEMENT CVSS3_VERSION (#PCDATA)>
<!ELEMENT ACCESS (VECTOR?, COMPLEXITY?)>
<!ELEMENT VECTOR (#PCDATA)>
<!ELEMENT COMPLEXITY (#PCDATA)>
<!ELEMENT ATTACK (VECTOR?, COMPLEXITY?, REQUIREMENT?)>
<!ELEMENT IMPACT ((CONFIDENTIALITY?, INTEGRITY?, AVAILABILITY?) | (VULNERABLE?, SUBSEQUENT?))>
<!ELEMENT CONFIDENTIALITY (#PCDATA)>
<!ELEMENT INTEGRITY (#PCDATA)>
<!ELEMENT AVAILABILITY (#PCDATA)>
<!ELEMENT AUTHENTICATION (#PCDATA)>
<!ELEMENT EXPLOITABILITY (#PCDATA)>
<!ELEMENT REMEDIATION_LEVEL (#PCDATA)>
<!ELEMENT REPORT_CONFIDENCE (#PCDATA)>
<!ELEMENT CVSS_V3 (BASE?, TEMPORAL?, VECTOR_STRING?, CVSS3_VERSION?, ATTACK?, IMPACT?, PRIVILEGES_REQUIRED?, USER_INTERACTION?, SCOPE?,
EXPLOIT_CODE_MATURITY?, REMEDIATION_LEVEL?, REPORT_CONFIDENCE?)>
<!ELEMENT PRIVILEGES_REQUIRED (#PCDATA)>
<!ELEMENT USER_INTERACTION (#PCDATA)>
<!ELEMENT SCOPE (#PCDATA)>
<!ELEMENT EXPLOIT_CODE_MATURITY (#PCDATA)>
<!ELEMENT CVSS_V4 (
BASE?, VECTOR_STRING?, CVSS4_VERSION?,
ATTACK?, IMPACT?,
PRIVILEGES_REQUIRED?, USER_INTERACTION?,
EXPLOIT_CODE_MATURITY?, REQUIREMENTS?, MODIFIED?,
SAFETY?, AUTOMATABLE?, PROVIDER_URGENCY?,
VALUE_DENSITY?, VULNERABILITY_RESPONSE_EFFORT?
)>
<!ELEMENT CVSS4_VERSION (#PCDATA)>
<!-- ATTACK for CVSS v4 has extra REQUIREMENT -->
<!ELEMENT REQUIREMENT (#PCDATA)>
<!-- IMPACT for CVSS v4 -->
<!ELEMENT VULNERABLE (CONFIDENTIALITY?, INTEGRITY?, AVAILABILITY?)>
<!ELEMENT SUBSEQUENT (CONFIDENTIALITY?, INTEGRITY?, AVAILABILITY?)>
<!ELEMENT REQUIREMENTS (CONFIDENTIALITY?, INTEGRITY?, AVAILABILITY?)>
<!ELEMENT MODIFIED (ATTACK?, IMPACT?, PRIVILEGES_REQUIRED?, USER_INTERACTION?)>
<!ELEMENT SAFETY (#PCDATA)>
<!ELEMENT AUTOMATABLE (#PCDATA)>
<!ELEMENT PROVIDER_URGENCY (#PCDATA)>
<!ELEMENT VALUE_DENSITY (#PCDATA)>
<!ELEMENT VULNERABILITY_RESPONSE_EFFORT (#PCDATA)>
<!ELEMENT PCI_FLAG (#PCDATA)>
<!ELEMENT AUTOMATIC_PCI_FAIL (#PCDATA)>
<!ELEMENT PCI_REASONS (PCI_REASON+)>
<!ELEMENT PCI_REASON (#PCDATA)>
<!ELEMENT THREAT_INTELLIGENCE (THREAT_INTEL+)>
<!ELEMENT THREAT_INTEL (#PCDATA)>
<!ATTLIST THREAT_INTEL
id CDATA #REQUIRED>
<!ELEMENT SUPPORTED_MODULES (#PCDATA)>
<!ELEMENT DISCOVERY (REMOTE, AUTH_TYPE_LIST?, ADDITIONAL_INFO?)>
<!ELEMENT REMOTE (#PCDATA)>
<!ELEMENT AUTH_TYPE_LIST (AUTH_TYPE+)>
<!ELEMENT AUTH_TYPE (#PCDATA)>
<!ELEMENT ADDITIONAL_INFO (#PCDATA)>
<!ELEMENT IS_DISABLED (#PCDATA)>
<!ELEMENT CHANGE_LOG_LIST (CHANGE_LOG_INFO+)>
<!ELEMENT CHANGE_LOG_INFO (CHANGE_DATE, COMMENTS)>
<!ELEMENT CHANGE_DATE (#PCDATA)>
<!ELEMENT COMMENTS (#PCDATA)>
<!ELEMENT ID_SET ((ID|ID_RANGE)+)>
<!-- ID already defined -->
<!ELEMENT ID_RANGE (#PCDATA)>
<!ELEMENT WARNING (CODE?, TEXT, URL?)>
<!ELEMENT CODE (#PCDATA)>
<!ELEMENT TEXT (#PCDATA)>
<!-- URL already defined -->
<!-- EOF -->earch List API
Added a new input parameter, cloud_agent_scan_type. Use this parameter to create, update, remove, list QIDs based on the Cloud Agent Scan Type.
When this filter is applied, only Deep Scan QIDs are returned in the response.
DTD changes implemented for the new parameter and tags.
| New or Updated API | Updated |
| API Endpoint | api/2.0/fo/qid/search_list/dynamic/ |
| EOS Timeline: August 2026 | |
| EOL Timeline: February 2027 | |
| API Endpoint (New Version) |
api/3.0/fo/qid/search_list/dynamic/ |
| Method | GET |
| DTD or XSD changes | Yes |
Input ParameterInput Parameter
| Parameter Name |
Required/ Optional |
Data Type |
Description |
| cloud_agent_scan_type |
Optional | String | Required for creating, updating/removing, listing actions of dynamic search list for Deep Scan QIDs. |
API Request
curl location <qualys_base_url>/api/3.0/fo/qid/search_list/dynamic/' \ header 'X-Requested-With: Curl' \ header 'Content-Type: application/x-www-form-urlencoded' \ header 'Authorization: Bearer <JWT Token>' \ data-urlencode 'action=create' \ data-urlencode 'title=2 Deep Scan API Testing' \ data-urlencode 'global=1' \ data-urlencode 'cloud_agent_scan_type=Deep Scan - Windows'
API Response
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM <qualys_base_url>/api/3.0/simple_return.dtd">
<SIMPLE_RETURN>
<RESPONSE>
<DATETIME>2025-12-11T08:46:29Z</DATETIME>
<TEXT>New search list created successfully</TEXT>
<ITEM_LIST>
<ITEM>
<KEY>ID</KEY>
<VALUE>6343529</VALUE>
</ITEM>
</ITEM_LIST>
</RESPONSE>
</SIMPLE_RETURN>
API Request
curl location <qualys_base_url>/api/3.0/fo/qid/search_list/dynamic/' \ header 'X-Requested-With: Curl' \ header 'Content-Type: application/x-www-form-urlencoded' \ header 'Authorization: Bearer <JWT Token>' \ data-urlencode 'action=update' \ data-urlencode 'title=2 Deep Scan API Testing' \ data-urlencode 'global=1' \ data-urlencode 'vuln_provider=iDefense' \ data-urlencode 'cloud_agent_scan_type=Deep Scan - Windows' \ data-urlencode 'id=xxxxxxx'
API Response
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM <qualys_base_url>/api/3.0/simple_return.dtd">
<SIMPLE_RETURN>
<RESPONSE>
<DATETIME>2025-12-11T08:54:46Z</DATETIME>
<TEXT>search list updated successfully</TEXT>
<ITEM_LIST>
<ITEM>
<KEY>ID</KEY>
<VALUE>6343529</VALUE>
</ITEM>
</ITEM_LIST>
</RESPONSE>
</SIMPLE_RETURN>
API Request
curl location <qualys_base_url>/api/3.0/fo/qid/search_list/dynamic/' \ header 'X-Requested-With: Curl' \ header 'Content-Type: application/x-www-form-urlencoded' \ header 'Authorization: Bearer <JWT Token> \ data-urlencode 'action=update' \ data-urlencode 'title=2 Deep Scan API Testing' \ data-urlencode 'global=1' \ data-urlencode 'vuln_provider=iDefense' \ data-urlencode 'cloud_agent_scan_type=' \ data-urlencode 'id=xxxxxxx'
API Response
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM <qualys_base_url>/api/3.0/simple_return.dtd">
<SIMPLE_RETURN>
<RESPONSE>
<DATETIME>2025-12-11T09:16:30Z</DATETIME>
<TEXT>search list updated successfully</TEXT>
<ITEM_LIST>
<ITEM>
<KEY>ID</KEY>
<VALUE>6343529</VALUE>
</ITEM>
</ITEM_LIST>
</RESPONSE>
</SIMPLE_RETURN>
API Request
curl location <qualys_base_url>/api/3.0/fo/qid/search_list/dynamic/?action=list&ids=6343529&show_qids=0' \ header 'Content-Type: test/xml' \ header 'X-Requested-With: test' \ header 'Authorization: Bearer <JWT Token>'
API Response
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE DYNAMIC_SEARCH_LIST_OUTPUT SYSTEM <qualys_base_url>/api/3.0/fo/qid/search_list/dynamic/dynamic_list_output.dtd">
<DYNAMIC_SEARCH_LIST_OUTPUT>
<RESPONSE>
<DATETIME>2025-12-11T09:06:19Z</DATETIME>
<DYNAMIC_LISTS>
<DYNAMIC_LIST>
<ID>6343529</ID>
<TITLE>
<![CDATA[2 Deep Scan API Testing]]>
</TITLE>
<GLOBAL>Yes</GLOBAL>
<OWNER>
<![CDATA[Amol Zambare (vmdrxaz7)]]>
</OWNER>
<CREATED>2025-12-11T08:46:28Z</CREATED>
<MODIFIED_BY>
<![CDATA[Amol Zambare (vmdrxaz7)]]>
</MODIFIED_BY>
<MODIFIED>2025-12-11T08:54:45Z</MODIFIED>
<CRITERIA>
<DISCOVERY_METHOD>
<![CDATA[All]]>
</DISCOVERY_METHOD>
<CLOUD_AGENT_SCAN_TYPE>
<![CDATA[Deep Scan - Windows]]>
</CLOUD_AGENT_SCAN_TYPE>
<PROVIDER>
<![CDATA[iDefense]]>
</PROVIDER>
</CRITERIA>
</DYNAMIC_LIST>
</DYNAMIC_LISTS>
</RESPONSE>
</DYNAMIC_SEARCH_LIST_OUTPUT>
A DTD for the Dynamic Search List API has been added.
<platform API server>/api/3.0/fo/qid/search_list/dynamic/dynamic_list_output.dtd>
CVSS V4 will be available in the subsequent release, though it is visible in the DTD Response.
DTD output for the Dynamic Search List API is as follows:
DTD Output
<qualys_base_url>/api/3.0/fo/qid/search_list/dynamic/dynamic_list_output.dtd <!QUALYS DYNAMIC\_SEARCH\_LIST\_OUTPUT DTD> <!$Revision$> <!ELEMENT DYNAMIC\_SEARCH\_LIST\_OUTPUT (REQUEST?,RESPONSE)> <!ELEMENT REQUEST (DATETIME, USER\_LOGIN, RESOURCE, PARAM\_LIST?, POST\_DATA?)> <!ELEMENT DATETIME (#PCDATA)> <!ELEMENT USER\_LOGIN (#PCDATA)> <!ELEMENT RESOURCE (#PCDATA)> <!ELEMENT PARAM\_LIST (PARAM+)> <!ELEMENT PARAM (KEY, VALUE)> <!ELEMENT KEY (#PCDATA)> <!ELEMENT VALUE (#PCDATA)> <!if returned, POST\_DATA will be urlencoded > <!ELEMENT POST\_DATA (#PCDATA)> <!ELEMENT RESPONSE (DATETIME, DYNAMIC\_LISTS?)> <!ELEMENT DYNAMIC\_LISTS (DYNAMIC\_LIST+)> <!ELEMENT DYNAMIC\_LIST (ID, TITLE, GLOBAL, OWNER, CREATED?, MODIFIED\_BY?, MODIFIED?, QIDS?, CRITERIA, OPTION\_PROFILES?, REPORT\_TEMPLATES?, REMEDIATION\_POLICIES?, DISTRIBUTION\_GROUPS?, COMMENTS?)> <!ELEMENT ID (#PCDATA)> <!ELEMENT TITLE (#PCDATA)> <!ELEMENT GLOBAL (#PCDATA)> <!ELEMENT OWNER (#PCDATA)> <!ELEMENT CREATED (#PCDATA)> <!ELEMENT MODIFIED\_BY (#PCDATA)> <!ELEMENT MODIFIED (#PCDATA)> <!ELEMENT QIDS (QID+)> <!ELEMENT QID (#PCDATA)> <!ELEMENT CRITERIA (VULNERABILITY\_TITLE?, DISCOVERY\_METHOD?, AUTHENTICATION\_TYPE?, USER\_CONFIGURATION?, CATEGORY?, CONFIRMED\_SEVERITY?, POTENTIAL\_SEVERITY?, INFORMATION\_SEVERITY?, VENDOR?, PRODUCT?, CVSS\_BASE\_SCORE?, CVSS\_TEMPORAL\_SCORE?, CVSS3\_BASE\_SCORE?, CVSS3\_TEMPORAL\_SCORE?, CVSS\_ACCESS\_VECTOR?, PATCH\_AVAILABLE?, VIRTUAL\_PATCH\_AVAILABLE?, CVE\_ID?, CVE\_ID\_FILTER?, CPE?, EXPLOITABILITY?, ASSOCIATED\_MALWARE?, VENDOR\_REFERENCE?, BUGTRAQ\_ID?, VULNERABILITY\_DETAILS?, SUPPORTED\_MODULES?, CLOUD\_AGENT\_SCAN\_TYPE? ,COMPLIANCE\_DETAILS?, COMPLIANCE\_TYPE?, QUALYS\_TOP\_20?, OTHER?, NETWORK\_ACCESS?, PROVIDER?, CVSS\_BASE\_SCORE\_OPERAND?, CVSS\_TEMPORAL\_SCORE\_OPERAND?, CVSS3\_BASE\_SCORE\_OPERAND?, CVSS3\_TEMPORAL\_SCORE\_OPERAND?, CVSS3\_VERSION?, CVSS4\_BASE\_SCORE?, CVSS4\_BASE\_SCORE\_OPERAND?, CVSS4\_VERSION?, USER\_MODIFIED?, PUBLISHED?, SERVICE\_MODIFIED? )> <!ELEMENT VULNERABILITY\_TITLE (#PCDATA)> <!ELEMENT DISCOVERY\_METHOD (#PCDATA)> <!ELEMENT AUTHENTICATION\_TYPE (#PCDATA)> <!ELEMENT USER\_CONFIGURATION (#PCDATA)> <!ELEMENT CATEGORY (#PCDATA)> <!ELEMENT CONFIRMED\_SEVERITY (#PCDATA)> <!ELEMENT POTENTIAL\_SEVERITY (#PCDATA)> <!ELEMENT INFORMATION\_SEVERITY (#PCDATA)> <!ELEMENT VENDOR (#PCDATA)> <!ELEMENT PRODUCT (#PCDATA)> <!ELEMENT CVSS\_BASE\_SCORE (#PCDATA)> <!ELEMENT CVSS\_TEMPORAL\_SCORE (#PCDATA)> <!ELEMENT CVSS\_ACCESS\_VECTOR (#PCDATA)> <!ELEMENT PATCH\_AVAILABLE (#PCDATA)> <!ELEMENT VIRTUAL\_PATCH\_AVAILABLE (#PCDATA)> <!ELEMENT CVE\_ID (#PCDATA)> <!ELEMENT CVE\_ID\_FILTER (#PCDATA)> <!ELEMENT EXPLOITABILITY (#PCDATA)> <!ELEMENT ASSOCIATED\_MALWARE (#PCDATA)> <!ELEMENT VENDOR\_REFERENCE (#PCDATA)> <!ELEMENT BUGTRAQ\_ID (#PCDATA)> <!ELEMENT VULNERABILITY\_DETAILS (#PCDATA)> <!ELEMENT SUPPORTED\_MODULES (#PCDATA)> <!ELEMENT CLOUD\_AGENT\_SCAN\_TYPE (#PCDATA)> <!ELEMENT COMPLIANCE\_DETAILS (#PCDATA)> <!ELEMENT COMPLIANCE\_TYPE (#PCDATA)> <!ELEMENT QUALYS\_TOP\_20 (#PCDATA)> <!ELEMENT OTHER (#PCDATA)> <!ELEMENT NETWORK\_ACCESS (#PCDATA)> <!ELEMENT PROVIDER (#PCDATA)> <!ELEMENT CVSS\_BASE\_SCORE\_OPERAND (#PCDATA)> <!ELEMENT CVSS\_TEMPORAL\_SCORE\_OPERAND (#PCDATA)> <!ELEMENT CVSS3\_BASE\_SCORE (#PCDATA)> <!ELEMENT CVSS3\_TEMPORAL\_SCORE (#PCDATA)> <!ELEMENT CVSS3\_BASE\_SCORE\_OPERAND (#PCDATA)> <!ELEMENT CVSS3\_TEMPORAL\_SCORE\_OPERAND (#PCDATA)> <!ELEMENT CVSS3\_VERSION (#PCDATA)> <!ELEMENT CVSS4\_BASE\_SCORE (#PCDATA)> <!ELEMENT CVSS4\_BASE\_SCORE\_OPERAND (#PCDATA)> <!ELEMENT CVSS4\_VERSION (#PCDATA)> <!ELEMENT OPTION\_PROFILES (OPTION\_PROFILE+)> <!ELEMENT OPTION\_PROFILE (ID, TITLE)> <!ELEMENT REPORT\_TEMPLATES (REPORT\_TEMPLATE+)> <!ELEMENT REPORT\_TEMPLATE (ID, TITLE)> <!ELEMENT REMEDIATION\_POLICIES (REMEDIATION\_POLICY+)> <!ELEMENT REMEDIATION\_POLICY (ID, TITLE)> <!ELEMENT DISTRIBUTION\_GROUPS (DISTRIBUTION\_GROUP+)> <!ELEMENT DISTRIBUTION\_GROUP (NAME)> <!ELEMENT NAME (#PCDATA)> <!ELEMENT COMMENTS (#PCDATA)> <!ELEMENT USER\_MODIFIED (#PCDATA)> <!ELEMENT PUBLISHED (#PCDATA)> <!ELEMENT SERVICE\_MODIFIED (#PCDATA)> <!ELEMENT CPE (#PCDATA)> <!EOF>
KnowledgeBase QVS Download: Extended CVE Data Retrieval Range
| New or Updated API | Updated |
| API Endpoint (New Version) |
/api/2.0/fo/knowledge_base/qvs/ /api/3.0/fo/knowledge_base/qvs/ |
| Method | POST |
| DTD or XSD changes | No |
With this feature, we have now extended the CVE (Common Vulnerabilities and Exposures) data retrieval window from 15 days to 90 days in the KnowledgeBase (QVS) API.
When the details parameter is included in the request, the API returns data for all CVEs published or modified within the last 90 days, which was previously 15 days. This enhancement improves the ability to identify and prioritize vulnerabilities using the QVS score, resulting in more accurate vulnerability scoring and stronger security decision‑making.
Issues Addressed
The following reported and notable customer issues are fixed in this release:
| Component/Category | Application |
Description |
| VM - Host List Detection API | Vulnerability Management | When the users executed the host list detection API endpoint /api/{version}/fo/asset/host/vm/detection/ across different versions (for example, v2.0 and v5.0), inconsistencies were observed in the responses when the detection_updated_since parameter was used. Relevant code changes have been implemented to resolve the issue. |