Useful Cypher queries

Useful queries

Find all vulnerabilities associated with a specific package

MATCH (n:Package {name: 'curl'})-[:Vulnerable]->(v:Vulnerability) RETURN v;

List all packages in a specific user's project with their associated vulnerabilities

MATCH (n:Package {projectId: 'YOUR PROJECT ID'})-[:Vulnerable]->(v:Vulnerability) RETURN n, v;

Retrieve the top 10 vulnerabilities affecting the highest number of packages

MATCH (v:Vulnerability)<-[:Vulnerable]-(n:Package) WITH v, count(n) as AffectedPackages ORDER BY AffectedPackages DESC LIMIT 10 RETURN v;

Get a list of all vulnerabilities for a specific resource type like Docker images

MATCH (n:Package {resourceType:'dockerHub'})-[:Vulnerable]->(v:Vulnerability) RETURN v;

Return packages with no known vulnerabilities

MATCH (n:Package) WHERE NOT (n)-[:Vulnerable]->() RETURN n LIMIT 20;

Find vulnerabilities introduced in a specific SBOM stream

MATCH (n:Package {streamId: 'your stream id'})-[:Vulnerable]->(v:Vulnerability) RETURN v;

Identify which packages are affected by a specific vulnerability

MATCH (n:Package)-[:Vulnerable]->(v:Vulnerability {id: 'CVE-2018-1107'}) RETURN n;