//native
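/**
 * List Vulnerability Findings
 * List vulnerability findings (CVEs detected on cloud resources), with optional filters by severity, status, CVE, exploit and fix availability.
 *
 * Flow: exchanges the service-account credentials for a bearer token using the
 * OAuth client_credentials grant, then posts one GraphQL query to the API
 * endpoint and returns the `vulnerabilityFindings` object of the response.
 *
 * Credential handling:
 * - `auth.client_secret` is posted to `auth.auth_url`, and the resulting bearer
 *   token is sent to `auth.api_endpoint`. Both URLs come from the resource, so
 *   anyone who can edit the resource decides where the secret and token go.
 *   Both URLs are therefore required to be https before any request is made.
 * - The access token is held only in a local variable; it is never returned
 *   or placed in an error message by this function.
 * - All user-supplied filter values travel as GraphQL variables, never by
 *   string interpolation into the query text.
 *
 * @param auth Wiz resource: `client_id`, `client_secret`, `api_endpoint`, and
 *   optional `auth_url` (default `https://auth.app.wiz.io/oauth/token`) and
 *   `audience` (default `wiz-api`).
 * @param vendor_severity Severities to keep; ignored when empty or undefined.
 * @param status Finding statuses to keep; ignored when empty or undefined.
 * @param cve Single external vulnerability id to match; ignored when empty.
 * @param has_exploit When set, filters on exploit availability.
 * @param has_fix When set, filters on fix availability.
 * @param first Page size; defaults to 50.
 * @param after Pagination cursor (`pageInfo.endCursor` of the previous page).
 * @returns The `vulnerabilityFindings` object (`totalCount`, `pageInfo`, `nodes`).
 * @throws Error on a non-https or malformed URL, a non-2xx HTTP status, a token
 *   response without `access_token`, GraphQL `errors`, or a response without `data`.
 */
export async function main(
  auth: RT.Wiz,
  vendor_severity:
    | ("NONE" | "LOW" | "MEDIUM" | "HIGH" | "CRITICAL")[]
    | undefined,
  status: ("UNRESOLVED" | "RESOLVED" | "PASSED" | "IGNORED")[] | undefined,
  cve: string | undefined,
  has_exploit: boolean | undefined,
  has_fix: boolean | undefined,
  first: number | undefined,
  after: string | undefined
) {
  // Refuse to send the client secret or bearer token over anything but TLS.
  const requireHttps = (value: string, label: string): string => {
    let parsed: URL
    try {
      parsed = new URL(value)
    } catch {
      throw new Error(`${label} is not a valid URL`)
    }
    if (parsed.protocol !== "https:") {
      throw new Error(`${label} must use https`)
    }
    return value
  }

  const tokenUrl = requireHttps(
    auth.auth_url || "https://auth.app.wiz.io/oauth/token",
    "auth_url"
  )
  const apiUrl = requireHttps(auth.api_endpoint, "api_endpoint")

  const tokenResponse = await fetch(tokenUrl, {
    method: "POST",
    headers: { "Content-Type": "application/x-www-form-urlencoded" },
    body: new URLSearchParams({
      grant_type: "client_credentials",
      audience: auth.audience || "wiz-api",
      client_id: auth.client_id,
      client_secret: auth.client_secret,
    }),
  })
  if (!tokenResponse.ok) {
    throw new Error(`${tokenResponse.status} ${await tokenResponse.text()}`)
  }
  const { access_token } = (await tokenResponse.json()) as {
    access_token?: unknown
  }
  // A 2xx reply without a token would otherwise be sent on as "Bearer undefined".
  // The response body is deliberately kept out of the message: it may hold token material.
  if (typeof access_token !== "string" || access_token === "") {
    throw new Error("Wiz token response did not include an access_token")
  }

  // Only filters the caller actually supplied are sent.
  const filterBy: Record<string, unknown> = {}
  if (vendor_severity && vendor_severity.length > 0)
    filterBy.vendorSeverity = vendor_severity
  if (status && status.length > 0) filterBy.status = status
  if (cve !== undefined && cve !== "") filterBy.vulnerabilityExternalId = [cve]
  if (has_exploit !== undefined) filterBy.hasExploit = has_exploit
  if (has_fix !== undefined) filterBy.hasFix = has_fix

  const query = `
query ListVulnerabilityFindings($first: Int, $after: String, $filterBy: VulnerabilityFindingFilters) {
vulnerabilityFindings(first: $first, after: $after, filterBy: $filterBy) {
totalCount
pageInfo { hasNextPage endCursor }
nodes {
id
name
detailedName
severity: vendorSeverity
CVSSSeverity
score
exploitabilityScore
impactScore
hasExploit
hasCisaKevExploit
status
vulnerabilityExternalId
version
fixedVersion
detectionMethod
firstDetectedAt
lastDetectedAt
resolvedAt
resolutionReason
remediation
link
portalUrl
vulnerableAsset {
... on VulnerableAssetBase {
id
type
name
cloudPlatform
subscriptionId
tags
}
... on VulnerableAssetVirtualMachine {
id
type
name
cloudPlatform
subscriptionId
tags
operatingSystem
}
... on VulnerableAssetServerless {
id
type
name
cloudPlatform
subscriptionId
tags
}
... on VulnerableAssetContainerImage {
id
type
name
cloudPlatform
subscriptionId
tags
}
... on VulnerableAssetContainer {
id
type
name
cloudPlatform
subscriptionId
tags
}
}
}
}
}`

  const response = await fetch(apiUrl, {
    method: "POST",
    headers: {
      Authorization: `Bearer ${access_token}`,
      "Content-Type": "application/json",
      Accept: "application/json",
    },
    body: JSON.stringify({
      query,
      variables: { first: first ?? 50, after: after || null, filterBy },
    }),
  })
  if (!response.ok) {
    throw new Error(`${response.status} ${await response.text()}`)
  }
  const result = (await response.json()) as {
    data?: { vulnerabilityFindings?: unknown } | null
    errors?: unknown
  }
  if (result.errors) {
    throw new Error(JSON.stringify(result.errors))
  }
  // Without this guard a body lacking `data` surfaces as an opaque TypeError.
  if (result.data == null) {
    throw new Error("Wiz API response contained no data")
  }
  return result.data.vulnerabilityFindings
}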