> ## Documentation Index
> Fetch the complete documentation index at: https://developer.vanta.com/llms.txt
> Use this file to discover all available pages before exploring further.

# List all Package Vulnerabilities

> 
List `PackageVulnerabilityConnectors` resources for the given application.

** Headers **
```
Authorization: Bearer <access_token>
```

** Scopes **
```
connectors.self:read-resource
```




## OpenAPI

````yaml /reference/build-integrations.json get /v1/resources/package_vulnerability_connectors
openapi: 3.0.1
info:
  title: Build integrations
  description: >-
    The API that enables syncing and viewing resources


    **Note for Vanta Gov (FedRAMP) customers:** Select `Vanta Gov (FedRAMP)`
    from the server dropdown to issue requests against
    `https://api.vanta-gov.com`. The OAuth token and authorization URLs shown
    below default to the commercial hosts — Gov customers should replace
    `api.vanta.com` with `api.vanta-gov.com` and `app.vanta.com` with
    `app.vanta-gov.com`.
  termsOfService: https://www.vanta.com/terms
  contact:
    name: API Support
    url: https://help.vanta.com/
    email: support@vanta.com
  license:
    name: Vanta Terms of Service
    url: https://www.vanta.com/terms
  version: 0.0.1
servers:
  - url: https://api.vanta.com
    description: Vanta (Commercial)
  - url: https://api.vanta-gov.com
    description: Vanta Gov (FedRAMP)
security:
  - oauth:
      - connectors.self:read-resource
      - connectors.self:write-resource
tags:
  - name: API Endpoint Vulnerabilities
  - name: Background Checks
  - name: Custom Resources
  - name: Documents
  - name: MacOS User Computers
  - name: Package Vulnerabilities
  - name: Secrets
  - name: Security Tasks
  - name: Static Code Analysis Vulnerabilities
  - name: User Accounts
  - name: User Security Training Statuses
  - name: Vulnerable Components
  - name: Windows User Computers
paths:
  /v1/resources/package_vulnerability_connectors:
    get:
      tags:
        - Package Vulnerabilities
      summary: List all Package Vulnerabilities
      description: >

        List `PackageVulnerabilityConnectors` resources for the given
        application.


        ** Headers **

        ```

        Authorization: Bearer <access_token>

        ```


        ** Scopes **

        ```

        connectors.self:read-resource

        ```
      operationId: get-PackageVulnerabilityConnectors
      parameters:
        - name: resourceId
          in: query
          schema:
            type: string
          required: true
          description: >-
            Vanta generated identifier for the given resource, and can be found
            on the developer console page. See the list of registered resources
            and their IDs on
            https://app.vanta.com/settings/developer-console/<app_id>?tab=resources
      responses:
        '200':
          description: List of resources.
          content:
            application/json:
              schema:
                type: object
                properties:
                  resources:
                    type: array
                    items:
                      properties:
                        displayName:
                          type: string
                          description: >-
                            A human readable label for this resource - will be
                            shown as-is in inventory page.
                        uniqueId:
                          type: string
                          description: A stable global identifier for this resource.
                        externalUrl:
                          type: string
                          description: >-
                            A link to this resource on the partner site. This
                            must be a HTTPS URL.
                        packageName:
                          type: string
                          description: >-
                            The name of the package associated with the
                            vulnerability.
                        packageVersion:
                          type: string
                          description: >-
                            The version of the package associated with the
                            vulnerability.
                        severity:
                          type: number
                          format: float
                          description: >-
                            The severity of the vulnerability, on a scale of 0
                            to 10. This will be rounded to the nearest tenth.
                        vulnerableComponentUniqueId:
                          type: string
                          description: >-
                            A unique identifier for the vulnerable component
                            associated with the vulnerability. This must
                            reference the `uniqueId` field in the a previously
                            supplied `VulnerableComponent`.
                        description:
                          type: string
                          description: A description of the vulnerability.
                        isResolvable:
                          type: boolean
                          description: Whether the vulnerability can be resolved.
                        remediationInstructions:
                          type: string
                          description: Instructions for remediating the vulnerability.
                        isReachable:
                          type: boolean
                          description: >-
                            Whether there is a code path to the vulnerable code
                            in this package. This field is optional.
                        cveId:
                          type: string
                          description: >-
                            The Common Vulnerabilities and Exposures (CVE)
                            identifier for the vulnerability. This field is
                            optional.
                        cvss3Vector:
                          type: string
                          description: >-
                            The Common Vulnerability Scoring System (CVSS)
                            version 3 vector for the vulnerability. This field
                            is optional.
                        cvss3Score:
                          type: number
                          format: float
                          description: >-
                            The Common Vulnerability Scoring System (CVSS)
                            version 3 score for the vulnerability. This field is
                            optional.
                      required:
                        - displayName
                        - uniqueId
                        - externalUrl
                        - packageName
                        - packageVersion
                        - severity
                        - vulnerableComponentUniqueId
                        - description
                        - isResolvable
                        - remediationInstructions
components:
  securitySchemes:
    oauth:
      type: oauth2
      x-default: vat_llamainapajama
      flows:
        authorizationCode:
          authorizationUrl: https://app.vanta.com/oauth/authorize
          tokenUrl: https://api.vanta.com/oauth/token
          scopes:
            connectors.self:write-resource: Send data to your account.
            connectors.self:read-resource: Read data from your account.

````