;}%20.st6{fill:url(%23SVGID_00000021089067129159788970000008246765442136188072_);}%20.st7{fill:url(%23SVGID_00000117639240116366130650000015074833605515028638_);}%20.st8{opacity:0.4;fill:url(%23SVGID_00000101781798616409025840000016567063639337360777_);}%20.st9{opacity:0.4;fill:url(%23SVGID_00000052086836598721292040000002033117744178971046_);}%20.st10{opacity:0.4;fill:url(%23SVGID_00000159460939004760751800000002448009281983951536_);}%20.st11{opacity:0.4;fill:url(%23SVGID_00000013177830667419993080000017721442101626521532_);}%20.st12{opacity:0.4;fill:url(%23SVGID_00000152235521444854938490000006526001119318383285_);}%20.st13{opacity:0.4;fill:url(%23SVGID_00000119823135212293698520000012774889010992664993_);}%20%3c/style%3e%3cg%3e%3cpolygon%20class='st2'%20points='134.78,14.22%20114.31,48.21%20101.33,69.75%20158.22,69.75%20177.97,36.95%20191.67,14.22%20'/%3e%3cpolygon%20class='st3'%20points='227.55,69.75%20186.61,69.75%20101.33,69.75%20129.78,119.02%20158.16,119.02%20228.61,119.02%20256,119.02%20'/%3e%3cpolygon%20class='st3'%20points='136.93,132.47%20116.46,167.93%2073.82,241.78%20130.71,241.78%20144.9,217.2%20180.13,156.18%20193.82,132.46%20'/%3e%3cpolygon%20class='st3'%20points='121.7,131.95%20101.23,96.49%2058.59,22.63%2030.15,71.91%2044.34,96.49%2079.57,157.5%2093.26,181.22%20'/%3e%3cpolygon%20class='st2'%20points='64.81,131.95%2025.15,131.21%200,130.74%2028.44,180.01%2066.73,180.72%2093.26,181.21%20'/%3e%3cpolygon%20class='st2'%20points='165.38,181.74%20184.58,216.46%20196.75,238.47%20225.19,189.2%20206.66,155.69%20193.83,132.46%20'/%3e%3c/g%3e%3c/svg%3e)
Windmill HubEdits history of script submission #22714 for ' Get Vulnerability Finding (wiz)'
- bunnativeApproved version
//native /** * Get Vulnerability Finding * Retrieve a single vulnerability finding by its ID, including the CVE details and the affected asset. */ export async function main(auth: RT.Wiz, finding_id: string) { const tokenResponse = await fetch( auth.auth_url || "https://auth.app.wiz.io/oauth/token", { method: "POST", headers: { "Content-Type": "application/x-www-form-urlencoded" }, body: new URLSearchParams({ grant_type: "client_credentials", audience: auth.audience || "wiz-api", client_id: auth.client_id, client_secret: auth.client_secret, }), } ) if (!tokenResponse.ok) { throw new Error(`${tokenResponse.status} ${await tokenResponse.text()}`) } const { access_token } = (await tokenResponse.json()) as { access_token: string } const query = ` query GetVulnerabilityFinding($id: ID!) { vulnerabilityFinding(id: $id) { id name detailedName severity: vendorSeverity CVSSSeverity CVEDescription description score exploitabilityScore impactScore hasExploit hasCisaKevExploit status vulnerabilityExternalId version fixedVersion detectionMethod firstDetectedAt lastDetectedAt resolvedAt resolutionReason remediation locationPath link portalUrl vulnerableAsset { ... on VulnerableAssetBase { id type name cloudPlatform subscriptionId tags } ... on VulnerableAssetVirtualMachine { id type name cloudPlatform subscriptionId tags operatingSystem } ... on VulnerableAssetServerless { id type name cloudPlatform subscriptionId tags } ... on VulnerableAssetContainerImage { id type name cloudPlatform subscriptionId tags } ... on VulnerableAssetContainer { id type name cloudPlatform subscriptionId tags } } } }` const response = await fetch(auth.api_endpoint, { method: "POST", headers: { Authorization: `Bearer ${access_token}`, "Content-Type": "application/json", Accept: "application/json", }, body: JSON.stringify({ query, variables: { id: finding_id }, }), }) if (!response.ok) { throw new Error(`${response.status} ${await response.text()}`) } const result = (await response.json()) as { data?: any; errors?: any } if (result.errors) { throw new Error(JSON.stringify(result.errors)) } return result.data.vulnerabilityFinding }Submitted by hugo989 5 days ago