Useful Cypher queries
Useful queries
Find all vulnerabilities associated with a specific package
MATCH (n:Package {name: 'curl'})-[:Vulnerable]->(v:Vulnerability) RETURN v;
List all packages in a specific user's project with their associated vulnerabilities
MATCH (n:Package {projectId: 'YOUR PROJECT ID'})-[:Vulnerable]->(v:Vulnerability)
RETURN n, v;
Retrieve the top 10 vulnerabilities affecting the highest number of packages
MATCH (v:Vulnerability)<-[:Vulnerable]-(n:Package) WITH v, count(n) as AffectedPackages ORDER BY AffectedPackages DESC LIMIT 10 RETURN v;
Get a list of all vulnerabilities for a specific resource type like Docker images
MATCH (n:Package {resourceType:'dockerHub'})-[:Vulnerable]->(v:Vulnerability) RETURN v;
Return packages with no known vulnerabilities
MATCH (n:Package) WHERE NOT (n)-[:Vulnerable]->() RETURN n LIMIT 20;
Find vulnerabilities introduced in a specific SBOM stream
MATCH (n:Package {streamId: 'your stream id'})-[:Vulnerable]->(v:Vulnerability) RETURN v;
Identify which packages are affected by a specific vulnerability
MATCH (n:Package)-[:Vulnerable]->(v:Vulnerability {id: 'CVE-2018-1107'})
RETURN n;