# Get vulnerabilities

> List all vulnerabilities based on selected filters.



## OpenAPI

````yaml /reference/manage-vanta.json get /vulnerabilities
# OpenAPI 3.0 document for the "Manage Vanta" REST API. This extract carries a
# single operation, GET /vulnerabilities, plus the schemas it references.
openapi: 3.0.0
info:
  title: Manage Vanta
  version: 1.0.0
  # Per the note inside this description, Vanta Gov (FedRAMP) tenants use a
  # different API host and a different OAuth token endpoint than commercial
  # tenants, so a client should request its token from the same environment
  # it then calls.
  description: >-
    The REST API lets customers query and mutate Vanta's data. Use this API to
    automate bulk actions, query data for custom workflows and dashboards, and
    bolster your security operations


    **Note for Vanta Gov (FedRAMP) customers:** Select `Vanta Gov (FedRAMP)`
    from the server dropdown to issue requests against
    `https://api.vanta-gov.com`. The OAuth token URL shown below defaults to the
    commercial host — replace it with `https://api.vanta-gov.com/oauth/token`.
  termsOfService: https://www.vanta.com/terms
  license:
    name: UNLICENSED
  contact:
    name: API Support
    url: https://help.vanta.com/
    email: support@vanta.com
# Both base URLs use the https scheme, so requests and the bearer credential
# they carry are sent over TLS.
servers:
  - url: https://api.vanta.com/v1
    description: Vanta (Commercial)
  - url: https://api.vanta-gov.com/v1
    description: Vanta Gov (FedRAMP)
# Empty top-level security requirement: no scheme applies by default, so an
# operation is only marked as authenticated when it declares its own
# `security` entry. GET /vulnerabilities does so (bearerAuth) under `paths`.
security: []
paths:
  # Read-only listing of vulnerability findings. Every filter is an optional
  # query parameter; results are paged with pageSize and pageCursor.
  /vulnerabilities:
    get:
      tags:
        - Vulnerabilities
      summary: Get vulnerabilities
      description: List all vulnerabilities based on selected filters.
      operationId: ListVulnerabilities
      parameters:
        # Free-text search. The schema declares no maxLength or pattern, so
        # any limit on this value is not visible to clients or to spec-driven
        # validators. NOTE(review): consider documenting one.
        - description: Filter vulnerabilities by search query
          in: query
          name: q
          required: false
          schema:
            type: string
        # Page size is bounded by the PageSize schema (1 to 100, default 10).
        - in: query
          name: pageSize
          required: false
          schema:
            $ref: '#/components/schemas/PageSize'
        # Cursor defined by the PageCursor schema; the page starts after the
        # item the cursor points at.
        - in: query
          name: pageCursor
          required: false
          schema:
            $ref: '#/components/schemas/PageCursor'
        # NOTE(review): the spec does not state whether deactivated findings
        # are returned when this parameter is omitted. Reports that count open
        # findings should set it explicitly rather than rely on the default.
        - description: Filter vulnerabilities by deactivation status.
          in: query
          name: isDeactivated
          required: false
          schema:
            type: boolean
        - description: Filter vulnerabilities based on a specific external ID.
          in: query
          name: externalVulnerabilityId
          required: false
          schema:
            type: string
        - description: Filter vulnerabilities that have an available fix.
          in: query
          name: isFixAvailable
          required: false
          schema:
            type: boolean
        - description: Filter vulnerabilities that are from a specific package.
          in: query
          name: packageIdentifier
          required: false
          schema:
            type: string
        # The two SLA deadline filters take `date-time` strings and are
        # described as "after" and "before" a timestamp; whether each bound
        # is inclusive is not stated.
        - description: Filter vulnerabilities with a fix due after a specific timestamp
          in: query
          name: slaDeadlineAfterDate
          required: false
          schema:
            type: string
            format: date-time
        - description: Filter vulnerabilities with a fix due before a specific timestamp
          in: query
          name: slaDeadlineBeforeDate
          required: false
          schema:
            type: string
            format: date-time
        # Allowed values are the ExternalFindingSeverity enum.
        - description: |-
            Filter vulnerabilities by severity.
            Possible values: CRITICAL, HIGH, MEDIUM, LOW.
          in: query
          name: severity
          required: false
          schema:
            $ref: '#/components/schemas/ExternalFindingSeverity'
        - description: >-
            Filter vulnerabilities by the vulnerability scanner that detected
            them.
          in: query
          name: integrationId
          required: false
          schema:
            type: string
        # NOTE(review): the name reads as "also include findings that have no
        # SLA", while the description reads as "only findings with no SLA".
        # Confirm which applies; it may decide whether SLA-less findings drop
        # out of deadline-filtered results.
        - description: Filter vulnerabilities without an SLA due date.
          in: query
          name: includeVulnerabilitiesWithoutSlas
          required: false
          schema:
            type: boolean
        - description: Filter vulnerabilities by a specific asset ID.
          in: query
          name: vulnerableAssetId
          required: false
          schema:
            type: string
      # Only the success response is described. Error statuses (for example a
      # missing or rejected bearer token) are not documented here, so clients
      # need their own handling for non-200 replies.
      responses:
        '200':
          description: Ok
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedResponse_Vulnerability_'
              # Illustrative sample payload for the documentation.
              examples:
                Example 1:
                  value:
                    results:
                      pageInfo:
                        hasNextPage: true
                        hasPreviousPage: false
                        # Cursors are typed as plain strings; clients should
                        # treat them as opaque values.
                        startCursor: YXJyYXljb25uZWN0aW9uOjA=
                        endCursor: YXJyYXljb25uZWN0aW9uOjE=
                      data:
                        - id: a2f7e1b9d0c3f4e5a6c7b8d9
                          name: CVE-2021-12345
                          description: >-
                            MariaDB before 10.6.2 allows an application crash
                            because of mishandling of a pushdown from a HAVING
                            clause to a WHERE clause.
                          integrationId: Inspector
                          packageIdentifier: package
                          vulnerabilityType: COMMON
                          targetId: targetId
                          externalId: 12345678-abcd-cdef-ab12-abcd1234bbbc
                          firstDetectedDate: '2021-01-01T00:00:00.000Z'
                          sourceDetectedDate: '2021-01-01T00:00:00.000Z'
                          lastDetectedDate: '2021-01-01T00:00:00.000Z'
                          severity: CRITICAL
                          cvssSeverityScore: 9.8
                          scannerScore: 100
                          isFixable: true
                          # Unquoted, but still loads as a string because it
                          # has two dots. A two-part version such as 10.6
                          # would load as a float, so quote version strings
                          # when editing this example.
                          fixedVersion: 10.6.2
                          remediateByDate: '2021-01-01T00:00:00.000Z'
                          relatedVulns:
                            - CVE-2021-12345
                          relatedUrls:
                            - >-
                              https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-12345
                          externalURL: >-
                            https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-12345
                          scanSource: Not provided
                          # The sample shows an indefinite deactivation: no
                          # end date and a free-text reason. NOTE(review):
                          # such entries presumably take the finding out of
                          # the active set, so they merit periodic review.
                          deactivateMetadata:
                            deactivatedBy: b2f7e1b9d0c3f4e5a6c7b123
                            deactivatedOnDate: '2021-01-01T00:00:00.000Z'
                            deactivationReason: fix is too hard to carry out
                            deactivatedUntilDate: null
                            isVulnDeactivatedIndefinitely: true
      # Overrides the empty top-level requirement: this operation requires the
      # bearerAuth scheme. The empty list names no scopes.
      security:
        - bearerAuth: []
components:
  schemas:
    # Page-size limit for list endpoints: an integer from 1 to 100, default
    # 10. The maximum caps how many items a single request can return.
    PageSize:
      type: integer
      format: int32
      default: 10
      description: >-
        Controls the maximum number of items returned in one response from the
        API.
      minimum: 1
      maximum: 100
    # Pagination cursor, typed as a plain string with no format or length
    # constraint. Per the description it is exclusive: the page begins after
    # the item the cursor identifies. Clients presumably pass back a cursor
    # taken from PageInfo unchanged; confirm against the API guide.
    # NOTE(review): in this folded scalar the blank line before "after this
    # cursor." becomes a line break in the middle of the sentence.
    PageCursor:
      type: string
      description: >-
        A marker or pointer, telling the API where to start fetching items for
        the subsequent page in a paginated dataset.

        Note that the requested page will not include the item that corresponds
        to this cursor but will start from the one immediately

        after this cursor.
    # Severity values accepted by the `severity` query parameter. The enum is
    # listed alphabetically (LOW before MEDIUM), not by rank, so consumers
    # should not derive a severity ordering from the position in this list.
    # ExternalFindingSeverityType in this file declares the same four values.
    ExternalFindingSeverity:
      description: >-
        ExternalFindingSeverity describes the severity of an external finding
        (Vulnerability or Security Alert)
      enum:
        - CRITICAL
        - HIGH
        - LOW
        - MEDIUM
      type: string
    # Response envelope for the list call: a required `results` object holding
    # the page of Vulnerability items (`data`) and its paging state
    # (`pageInfo`).
    PaginatedResponse_Vulnerability_:
      properties:
        results:
          properties:
            data:
              items:
                $ref: '#/components/schemas/Vulnerability'
              type: array
            pageInfo:
              $ref: '#/components/schemas/PageInfo'
          required:
            - data
            - pageInfo
          type: object
      required:
        - results
      type: object
      # Applies to the outer envelope only; the nested `results` object does
      # not set additionalProperties.
      additionalProperties: false
    # One vulnerability finding as returned by GET /vulnerabilities. Every
    # property except scanSource is listed under `required`; optional data is
    # expressed with `nullable: true` rather than by omitting the key.
    Vulnerability:
      properties:
        id:
          type: string
          description: Unique identifier for the vulnerability.
        name:
          type: string
          description: Display name of the vulnerability.
        description:
          type: string
          description: Description of the vulnerability.
        integrationId:
          type: string
          description: Integration that the vulnerability is scanned by.
        packageIdentifier:
          type: string
          nullable: true
          description: |-
            Identifier for the package that the vulnerability is found on.
            Only relevant to vulnerabilities of type COMMON or GROUPED.
        # NOTE(review): OpenAPI 3.0 ignores keys placed next to $ref, so
        # tooling may drop this description; wrapping the reference in allOf
        # would keep it.
        vulnerabilityType:
          $ref: '#/components/schemas/VulnerabilityType'
          description: |-
            Type of the vulnerability.
            Possible values: CONFIGURATION, COMMON, GROUPED.
        targetId:
          type: string
          description: >-
            Unique identifier for the underlying resource that the vulnerability
            is found on.
        firstDetectedDate:
          type: string
          format: date-time
          description: Date when the vulnerability was first detected by Vanta.
        sourceDetectedDate:
          type: string
          format: date-time
          nullable: true
          description: Date when the vulnerability was first detected by the source.
        lastDetectedDate:
          type: string
          format: date-time
          nullable: true
          description: Date when the vulnerability was last detected.
        # NOTE(review): same $ref-sibling caveat as vulnerabilityType. The
        # response uses ExternalFindingSeverityType, while the `severity`
        # query parameter uses ExternalFindingSeverity; both list the same
        # values.
        severity:
          $ref: '#/components/schemas/ExternalFindingSeverityType'
          description: |-
            Severity of the vulnerability.
            Possible values: LOW, MEDIUM, HIGH, CRITICAL.
        # No minimum or maximum is declared for either score, so consumers
        # should range-check values before using them for prioritisation.
        cvssSeverityScore:
          type: number
          format: double
          nullable: true
          description: CVSS severity score of the vulnerability.
        scannerScore:
          type: number
          format: double
          nullable: true
          description: Scanner score of the vulnerability.
        isFixable:
          type: boolean
          description: Whether the vulnerability is fixable.
        remediateByDate:
          type: string
          format: date-time
          nullable: true
          description: Date when the vulnerability should be remediated by.
        relatedVulns:
          items:
            type: string
          type: array
          description: |-
            Related vulnerabilities.
            Only relevant to vulnerabilities of type GROUPED.
        # relatedUrls and externalURL are plain strings with no `format: uri`.
        # NOTE(review): the values presumably originate from the scanner
        # integration, so a consumer that renders them as links should check
        # the URL scheme first.
        relatedUrls:
          items:
            type: string
          type: array
          description: Related URLs.
        externalURL:
          type: string
          description: External URL for the vulnerability.
        # The only property not listed under `required` below.
        scanSource:
          type: string
          description: Scanning tool that detected the vulnerability
        # Nullable object; when present, all five fields are required.
        # NOTE(review): null presumably means the finding is active; confirm.
        # deactivationReason is free text and deactivatedBy identifies the
        # user, which makes this the record to audit when reviewing
        # deactivated findings.
        deactivateMetadata:
          properties:
            isVulnDeactivatedIndefinitely:
              type: boolean
              description: Whether the vulnerability is deactivated indefinitely.
            deactivatedUntilDate:
              type: string
              format: date-time
              nullable: true
              description: Date when the vulnerability will be reactivated.
            deactivationReason:
              type: string
              description: Reason for deactivating the vulnerability.
            deactivatedOnDate:
              type: string
              format: date-time
              description: Date when the vulnerability was deactivated.
            deactivatedBy:
              type: string
              description: Identifier of the user who deactivated the vulnerability.
          required:
            - isVulnDeactivatedIndefinitely
            - deactivatedUntilDate
            - deactivationReason
            - deactivatedOnDate
            - deactivatedBy
          type: object
          nullable: true
          description: Metadata for the deactivation of the vulnerability.
        fixedVersion:
          type: string
          nullable: true
          description: >-
            Package version that remediates the vulnerability when reported by
            the scanner.

            Null when unknown or not applicable.
        externalId:
          type: string
          nullable: true
          description: >-
            Identifier for the affected asset in the source system that detected
            the vulnerability.
      required:
        - id
        - name
        - description
        - integrationId
        - packageIdentifier
        - vulnerabilityType
        - targetId
        - firstDetectedDate
        - sourceDetectedDate
        - lastDetectedDate
        - severity
        - cvssSeverityScore
        - scannerScore
        - isFixable
        - remediateByDate
        - relatedVulns
        - relatedUrls
        - externalURL
        - deactivateMetadata
        - fixedVersion
        - externalId
      type: object
      # Properties beyond those declared above are not allowed on this object.
      additionalProperties: false
    # Paging state returned with each list response. All four fields are
    # required; the two cursors may be null when no such cursor exists.
    PageInfo:
      description: Provides information about the pagination of a dataset.
      properties:
        endCursor:
          type: string
          nullable: true
          description: >-
            The cursor that points to the end of the current page, or null if
            there is no such cursor.
        hasNextPage:
          type: boolean
          description: Indicates if there is another page after the current page.
        hasPreviousPage:
          type: boolean
          description: Indicates if there is a page before the current page.
        startCursor:
          type: string
          nullable: true
          description: >-
            The cursor that points to the start of the current page, or null if
            there is no such cursor.
      required:
        - endCursor
        - hasNextPage
        - hasPreviousPage
        - startCursor
      type: object
      additionalProperties: false
    # Closed set of vulnerability categories, referenced by
    # Vulnerability.vulnerabilityType.
    VulnerabilityType:
      type: string
      enum:
        - CONFIGURATION
        - COMMON
        - GROUPED
    # Severity enum used for Vulnerability.severity in responses. It lists the
    # same four values as ExternalFindingSeverity, in alphabetical rather than
    # rank order, and is explicitly non-nullable.
    ExternalFindingSeverityType:
      type: string
      enum:
        - CRITICAL
        - HIGH
        - LOW
        - MEDIUM
      nullable: false
  # HTTP bearer authentication: the credential is sent in the Authorization
  # header. No bearerFormat is given, so the token format is unspecified here.
  # NOTE(review): info.description refers to an OAuth token URL, which
  # suggests the bearer value is an OAuth access token, but no OAuth flow is
  # declared in this extract; confirm against the authentication guide.
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer

````