Security Feed
ActiveState Curated Catalogs come with a Security Feed. This Security Feed details all known CVEs in the provided Curated Catalog. The Security Feed empowers teams, developers, and organizations to make secure decisions about how they use open source software in their development practices.
The Security Feed is accessible through the Security Feed API. This API provides programmatic access to vulnerability data for all packages in your organization's curated catalog and delivers up-to-date CVE information in a standardized format, enabling automated security scanning and compliance workflows.
Key Features:
- Retention: Access up to 90 days of historical vulnerability data. Files older than 90 days are automatically removed.
- JSON file: JSON format for easy integration with existing tools.
- Immutability: Files cannot be modified once created.
- Secure Access: Organization-scoped authentication ensures data privacy.
- Direct Integration: Works with standard HTTP clients (curl, Python requests, etc.).
- Availability: New files appear within 24 hours of generation.
Data Format
Security feed files contain vulnerability data in JSON format:
- Array of vulnerability objects (wrapped to display CVE count)
- Package identifiers: Uses purl format (e.g., pkg:pypi/django@4.2)
- Version ranges: SEMVER ranges indicating affected versions and fixes
Each vulnerability includes:
- id - Vulnerability identifier (e.g., GHSA ID)
- affected - List of affected packages with version ranges
- package.purl - Package URL identifying the affected package
Get a List of Security Feed Files
Returns metadata for all available security feed files for an organization. This list will include all Security Feed files for the previous 90 days.
| Property | Value |
|---|---|
| Endpoint | GET /<org-id>/secfeed/ |
| Methods | GET, HEAD |
| Authentication | Required (HTTP Basic Auth) |
| Response | JSON array of file objects |
Example
API Call
curl -u "username:password" \
  "https://repository.activestate.com/<org-id>/secfeed/"
Response Headers:
HTTP/2 200
content-type: application/json
access-control-allow-origin: *
x-content-type-options: nosniff
File Example:
[
  {
    "filename": "2026-01-29T15:29:58.129737+00:00.json",
    "size": 9143,
    "last_modified": "2026-02-05T20:24:04+00:00",
    "url": "/1fc016f6-336d-4b46-9cbc-71b0c4e85697/secfeed/2026-01-29T15:29:58.129737+00:00.json"
  }
]
Download Security Feed File
Downloads a specific security feed JSON file containing vulnerability data.
| Property | Value |
|---|---|
| Endpoint | GET /<org-id>/secfeed/<filename>.json |
| Methods | GET, HEAD |
| Authentication | Required (HTTP Basic Auth) |
| Filename Format | ISO 8601 timestamp (e.g., 2026-01-29T15:29:58.129737+00:00.json) |
| Response | JSON array of vulnerabilities |
Example
API Call
curl -u "username:password" \
"https://repository.activestate.com/<org-id>/secfeed/2026-01-29T15:29:58.129737+00:00.json" \
-o security-feed.json
Response Headers
HTTP/2 200
content-type: application/json
content-length: 9143
content-disposition: attachment; filename="2026-01-29T15:29:58.129737+00:00.json"
x-content-type-options: nosniff
Response Body (truncated)
[
  {
    "summary": "47 issues found",
    "issues": [
      {
        "related": [],
        "id": "CVE-2025-15467",
        "affected": [
          {
            "package": {
              "ecosystem": "Generic",
              "name": "openssl",
              "purl": "pkg:generic/openssl"
            },
            "versions": [
              "3.5.4"
            ],
            ....
          }
        ]
      }
    ]
  }
]
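An added example (not ActiveState's code) of consuming the two responses above: it picks the newest file from the listing, flattens the feed into (issue id, purl, version) tuples, and matches them against a package inventory. The sample data is trimmed from the examples on this page; the second listing entry, the inventory purls and the function names are constructed for illustration, and only the fields shown above are read (the elided range data is not handled).

```python
import json
from datetime import datetime

# Sample data in the shapes shown on this page; the second listing entry is constructed.
LISTING = json.loads("""[
  {"filename": "2026-02-03T09:00:00.000000+00:00.json", "size": 9500,
   "url": "/<org-id>/secfeed/2026-02-03T09:00:00.000000+00:00.json"},
  {"filename": "2026-01-29T15:29:58.129737+00:00.json", "size": 9143,
   "url": "/<org-id>/secfeed/2026-01-29T15:29:58.129737+00:00.json"}
]""")
FEED = json.loads("""[{"summary": "1 issues found", "issues": [
  {"related": [], "id": "CVE-2025-15467", "affected": [
    {"package": {"ecosystem": "Generic", "name": "openssl",
                 "purl": "pkg:generic/openssl"},
     "versions": ["3.5.4"]}]}]}]""")

def latest_feed(listing):
    """Return the listing entry whose filename carries the newest timestamp."""
    def stamp(entry):
        # Filenames are ISO 8601 timestamps plus ".json"; parse instead of
        # comparing strings so differing UTC offsets still order correctly.
        return datetime.fromisoformat(entry["filename"].rsplit(".json", 1)[0])
    return max(listing, key=stamp)

def affected_pairs(feed):
    """Yield (issue id, purl, version) for each affected version listed."""
    for wrapper in feed:                      # top-level array of wrapper objects
        for issue in wrapper.get("issues", []):
            for aff in issue.get("affected", []):
                purl = aff.get("package", {}).get("purl", "").split("@")[0]
                for version in aff.get("versions", []):
                    yield issue["id"], purl, version

def match_inventory(feed, inventory):
    """Return sorted (versioned purl, issue id) hits for deployed packages."""
    deployed = set(inventory)
    hits = set()
    for issue_id, purl, version in affected_pairs(feed):
        key = f"{purl}@{version}"
        if key in deployed:
            hits.add((key, issue_id))
    return sorted(hits)

if __name__ == "__main__":
    inventory = ["pkg:generic/openssl@3.5.4", "pkg:pypi/django@4.2"]  # constructed
    print("newest feed:", latest_feed(LISTING)["url"])
    for key, issue_id in match_inventory(FEED, inventory):
        print(f"{key} is affected by {issue_id}")
```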
Troubleshooting
Error Responses
- 401 Unauthorized: Invalid or missing credentials
- 403 Forbidden: User doesn't have access to this organization OR user has exceeded the rate limit
- 404 Not Found: File doesn't exist
Rate Limits
- Security Feed Endpoints (/secfeed/*): 100 requests per 5 minutes per IP
- All Other Endpoints: 2000 requests per 5 minutes per IP
Requests exceeding rate limits receive a 403 Forbidden response.