CVE Details API , get vulnerabilities by component
An alternative to vendor specific CVE API's is CIRCL's Common Vulnerabilities and Exposure Web Interface and API.
Its web interface can be found at https://cve.circl.lu/ and API documentation here https://cve.circl.lu/api/
Red Hat maintains a CVE API that can be searched by component, e.g.:
https://access.redhat.com/labs/securitydataapi/cve.json?package=kernel&after=2017-02-17
Documentation for the API can be found here.
Note that the data is probably limited to components in Red Hat products.