> ## Documentation Index
> Fetch the complete documentation index at: https://developer.vanta.com/llms.txt
> Use this file to discover all available pages before exploring further.

# List assets associated with vulnerabilities

> List assets that Vanta monitors that are associated with vulnerabilities.

End of life — this endpoint works for classic audits only; it does not support
controlled audit view. It remains available for existing classic audits but will be removed once
classic audits are fully phased out, so do not build new integrations on it.

Rate limit: 10 requests / minute.



## OpenAPI

````yaml https://spec.speakeasy.com/vanta/vanta/conduct-an-audit-with-code-samples get /audits/{auditId}/vulnerable-assets
openapi: 3.0.0
info:
  title: Conduct an audit
  version: 1.0.0
  description: >-
    The Auditor API lets audit firms conduct audits from a tool outside of
    Vanta. Unlock data syncing with Vanta through this API.


    **Note for Vanta Gov (FedRAMP) customers:** Select `Vanta Gov (FedRAMP)`
    from the server dropdown to issue requests against
    `https://api.vanta-gov.com`. The OAuth token URL shown below defaults to the
    commercial host — replace it with `https://api.vanta-gov.com/oauth/token`.
  termsOfService: https://www.vanta.com/terms
  license:
    name: UNLICENSED
  contact:
    name: API Support
    url: https://help.vanta.com/
    email: support@vanta.com
servers:
  - url: https://api.vanta.com/v1
    description: US Region API
  - url: https://api.vanta-gov.com/v1
    description: Vanta Gov (FedRAMP)
security: []
paths:
  /audits/{auditId}/vulnerable-assets:
    get:
      tags:
        - Audits
      summary: List assets associated with vulnerabilities
      description: >-
        List assets that Vanta monitors that are associated with
        vulnerabilities.


        End of life — this endpoint works for classic audits only; it does not
        support

        controlled audit view. It remains available for existing classic audits
        but will be removed once

        classic audits are fully phased out, so do not build new integrations on
        it.


        Rate limit: 10 requests / minute.
      operationId: GetVulnerableAssets
      parameters:
        - in: path
          name: auditId
          required: true
          schema:
            type: string
        - description: Filter vulnerable assets by search query.
          in: query
          name: query
          required: false
          schema:
            type: string
        - in: query
          name: pageSize
          required: false
          schema:
            $ref: '#/components/schemas/PageSize'
        - in: query
          name: pageCursor
          required: false
          schema:
            $ref: '#/components/schemas/PageCursor'
        - description: Filter vulnerable assets by specific vulnerability scanner.
          in: query
          name: integrationId
          required: false
          schema:
            type: string
        - description: >-
            Filter vulnerable assets by asset type.

            Possible values: CODE_REPOSITORY, CONTAINER_REPOSITORY,
            CONTAINER_REPOSITORY_IMAGE, MANIFEST_FILE, SERVER,
            SERVERLESS_FUNCTION, WORKSTATION.
          in: query
          name: assetType
          required: false
          schema:
            $ref: '#/components/schemas/VulnerableAssetType'
        - description: Filter vulnerable assets by...
          in: query
          name: assetExternalAccountId
          required: false
          schema:
            type: string
      responses:
        '200':
          description: Ok
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedResponse_VulnerableAsset_'
              examples:
                Example 1:
                  value:
                    results:
                      pageInfo:
                        hasNextPage: true
                        hasPreviousPage: false
                        startCursor: YXJyYXljb25uZWN0aW9uOjA=
                        endCursor: YXJyYXljb25uZWN0aW9uOjE=
                      data:
                        - id: a2f7e1b9d0c3f4e5a6c7b8d9
                          name: CVE-2021-12345
                          assetType: SERVER
                          hasBeenScanned: true
                          imageScanTag: apac-production:latest
                          scanners:
                            - resourceId: 6733c25f852819d3b8d97a86
                              integrationId: qualys
                              imageDigest: sha256:123456
                              imagePushedAtDate: '2021-01-01T00:00:00.000Z'
                              imageTags:
                                - candidate-1234567890
                              assetTags:
                                - key: company-name
                                  value: vanta-llama
                              parentAccountOrOrganization: 12345678-abcd-cdef-ab12-abcd1234bbbb
                              biosUuid: '123456'
                              ipv4s:
                                - 12.12.123.123
                              ipv6s: null
                              macAddresses:
                                - 1234AB987FED
                              hostnames:
                                - purple-llama
                              fqdns:
                                - purple-llama
                              operatingSystems:
                                - Windows11
                              targetId: 12345678-abcd-cdef-ab12-abcd1234bbbc
      deprecated: true
      security:
        - bearerAuth: []
components:
  schemas:
    PageSize:
      type: integer
      format: int32
      default: 10
      description: >-
        Controls the maximum number of items returned in one response from the
        API.
      minimum: 1
      maximum: 100
    PageCursor:
      type: string
      description: >-
        A marker or pointer, telling the API where to start fetching items for
        the subsequent page in a paginated dataset.

        Note that the requested page will not include the item that corresponds
        to this cursor but will start from the one immediately

        after this cursor.
    VulnerableAssetType:
      type: string
      enum:
        - SERVER
        - SERVERLESS_FUNCTION
        - CONTAINER
        - CONTAINER_REPOSITORY
        - CONTAINER_REPOSITORY_IMAGE
        - CODE_REPOSITORY
        - MANIFEST_FILE
        - WORKSTATION
        - OTHER
      description: VulnerableAssetType describes the types of assets a vulnerability is on.
    PaginatedResponse_VulnerableAsset_:
      properties:
        results:
          properties:
            data:
              items:
                $ref: '#/components/schemas/VulnerableAsset'
              type: array
            pageInfo:
              $ref: '#/components/schemas/PageInfo'
          required:
            - data
            - pageInfo
          type: object
      required:
        - results
      type: object
      additionalProperties: false
    VulnerableAsset:
      properties:
        id:
          type: string
          description: Unique identifier for the vulnerable asset.
        name:
          type: string
          description: Display name of the vulnerable asset.
        assetType:
          $ref: '#/components/schemas/VulnerableAssetType'
          description: >-
            Type of the vulnerable asset.

            Possible values: CODE_REPOSITORY, CONTAINER_REPOSITORY,
            CONTAINER_REPOSITORY_IMAGE, MANIFEST_FILE, SERVER,
            SERVERLESS_FUNCTION, WORKSTATION.
        hasBeenScanned:
          type: boolean
          description: Whether the vulnerable asset has been scanned.
        imageScanTag:
          type: string
          nullable: true
          description: >-
            Only relevant for container repositories. This field sets the
            container image tag that vulnerabilities will be retrieved for. If
            null, the latest image will be retrieved.
        scanners:
          items:
            $ref: '#/components/schemas/VulnerableAssetScanner'
          type: array
          description: The integrations that are scanning this vulnerable asset.
      required:
        - id
        - name
        - assetType
        - hasBeenScanned
        - imageScanTag
        - scanners
      type: object
      additionalProperties: false
    PageInfo:
      description: Provides information about the pagination of a dataset.
      properties:
        endCursor:
          type: string
          nullable: true
          description: >-
            The cursor that points to the end of the current page, or null if
            there is no such cursor.
        hasNextPage:
          type: boolean
          description: Indicates if there is another page after the current page.
        hasPreviousPage:
          type: boolean
          description: Indicates if there is a page before the current page.
        startCursor:
          type: string
          nullable: true
          description: >-
            The cursor that points to the start of the current page, or null if
            there is no such cursor.
      required:
        - endCursor
        - hasNextPage
        - hasPreviousPage
        - startCursor
      type: object
      additionalProperties: false
    VulnerableAssetScanner:
      properties:
        resourceId:
          type: string
          description: The scanned asset's Vanta resource id.
        integrationId:
          type: string
          description: Integration that the the vulnerable asset is scanned by.
        imageDigest:
          type: string
          nullable: true
          description: Digest of the scanned container image.
        imagePushedAtDate:
          type: string
          format: date-time
          nullable: true
          description: Push date of the scanned container image.
        imageTags:
          items:
            type: string
          type: array
          nullable: true
          description: Tags of the scanned container image.
        assetTags:
          items:
            $ref: '#/components/schemas/KeyValuePair'
          type: array
          nullable: true
          description: Tags of the scanned asset.
        parentAccountOrOrganization:
          type: string
          nullable: true
          description: The parent account or organization of the scanned asset.
        biosUuid:
          type: string
          nullable: true
          description: BIOS UUID of the scanned asset.
        ipv4s:
          items:
            type: string
          type: array
          nullable: true
          description: IPV4s of the scanned asset.
        ipv6s:
          items:
            type: string
          type: array
          nullable: true
          description: IPV6s of the scanned asset.
        macAddresses:
          items:
            type: string
          type: array
          nullable: true
          description: Mac addresses of the scanned asset.
        hostnames:
          items:
            type: string
          type: array
          nullable: true
          description: Host names of the scanned asset.
        fqdns:
          items:
            type: string
          type: array
          nullable: true
          description: fqdns of the scanned asset.
        operatingSystems:
          items:
            type: string
          type: array
          nullable: true
          description: Operating systems of the scanned asset.
        targetId:
          type: string
          nullable: true
          description: The asset's identifier code.
      required:
        - resourceId
        - integrationId
        - imageDigest
        - imagePushedAtDate
        - imageTags
        - assetTags
        - parentAccountOrOrganization
        - biosUuid
        - ipv4s
        - ipv6s
        - macAddresses
        - hostnames
        - fqdns
        - operatingSystems
        - targetId
      type: object
      additionalProperties: false
    KeyValuePair:
      properties:
        key:
          type: string
          description: Key of key-value pair.
        value:
          type: string
          description: Value of key-value pair.
      required:
        - key
        - value
      type: object
      additionalProperties: false
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer

````