> ## Documentation Index
> Fetch the complete documentation index at: https://developer.vanta.com/llms.txt
> Use this file to discover all available pages before exploring further.

# List all Vulnerable Components

> 
List `VulnerableComponent` resources for the given application.

** Headers **
```
Authorization: Bearer <access_token>
```

** Scopes **
```
connectors.self:read-resource
```




## OpenAPI

````yaml /reference/build-integrations.json get /v1/resources/vulnerable_component
openapi: 3.0.1
info:
  title: Build integrations
  description: >-
    The API that enables syncing and viewing resources


    **Note for Vanta Gov (FedRAMP) customers:** Select `Vanta Gov (FedRAMP)`
    from the server dropdown to issue requests against
    `https://api.vanta-gov.com`. The OAuth token and authorization URLs shown
    below default to the commercial hosts — Gov customers should replace
    `api.vanta.com` with `api.vanta-gov.com` and `app.vanta.com` with
    `app.vanta-gov.com`.
  termsOfService: https://www.vanta.com/terms
  contact:
    name: API Support
    url: https://help.vanta.com/
    email: support@vanta.com
  license:
    name: Vanta Terms of Service
    url: https://www.vanta.com/terms
  version: 0.0.1
servers:
  - url: https://api.vanta.com
    description: Vanta (Commercial)
  - url: https://api.vanta-gov.com
    description: Vanta Gov (FedRAMP)
security:
  - oauth:
      - connectors.self:read-resource
      - connectors.self:write-resource
tags:
  - name: API Endpoint Vulnerabilities
  - name: Background Checks
  - name: Custom Resources
  - name: Documents
  - name: MacOS User Computers
  - name: Package Vulnerabilities
  - name: Secrets
  - name: Security Tasks
  - name: Static Code Analysis Vulnerabilities
  - name: User Accounts
  - name: User Security Training Statuses
  - name: Vulnerable Components
  - name: Windows User Computers
paths:
  /v1/resources/vulnerable_component:
    get:
      tags:
        - Vulnerable Components
      summary: List all Vulnerable Components
      description: |

        List `VulnerableComponent` resources for the given application.

        ** Headers **
        ```
        Authorization: Bearer <access_token>
        ```

        ** Scopes **
        ```
        connectors.self:read-resource
        ```
      operationId: get-VulnerableComponent
      parameters:
        - name: resourceId
          in: query
          schema:
            type: string
          required: true
          description: >-
            Vanta generated identifier for the given resource, and can be found
            on the developer console page. See the list of registered resources
            and their IDs on
            https://app.vanta.com/settings/developer-console/<app_id>?tab=resources
      responses:
        '200':
          description: List of resources.
          content:
            application/json:
              schema:
                type: object
                properties:
                  resources:
                    type: array
                    items:
                      properties:
                        displayName:
                          type: string
                          description: >-
                            A human readable label for this resource - will be
                            shown as-is in inventory page.
                        uniqueId:
                          type: string
                          description: A stable global identifier for this resource.
                        externalUrl:
                          type: string
                          description: >-
                            A link to this resource on the partner site. This
                            must be a HTTPS URL.
                        collectedTimestamp:
                          type: string
                          format: date-time
                          description: >-
                            A timestamp that indicates when the data being sent
                            was collected from the vulnerable component. In some
                            cases, you may have staggered data collection for
                            the various data being sent. In that case, feel free
                            to use the latest collected timestamp for the
                            individual data items to populate this field.
                        name:
                          type: string
                          description: >-
                            The name of the system component in which a
                            vulnerability has been detected.
                        description:
                          type: string
                          description: >-
                            Description of the system component in which a
                            vulnerability has been detected.
                        targetType:
                          description: >-
                            The type of the system component in which a
                            vulnerability has been detected (eg: container,
                            source code repository).
                          enum:
                            - HOST
                            - SERVER
                            - CONTAINER
                            - CONTAINER_REPOSITORY
                            - CONTAINER_REPOSITORY_IMAGE
                            - CODE_REPOSITORY
                            - SERVERLESS_FUNCTION
                            - MANIFEST_FILE
                            - WORKSTATION
                            - OTHER
                      required:
                        - displayName
                        - uniqueId
                        - externalUrl
                        - collectedTimestamp
                        - name
                        - description
                        - targetType
components:
  securitySchemes:
    oauth:
      type: oauth2
      x-default: vat_llamainapajama
      flows:
        authorizationCode:
          authorizationUrl: https://app.vanta.com/oauth/authorize
          tokenUrl: https://api.vanta.com/oauth/token
          scopes:
            connectors.self:write-resource: Send data to your account.
            connectors.self:read-resource: Read data from your account.

````