Environment

Versions 3.0 and higher.


Deployment Task

In the web console, there is an option to export all CVEs that were found and their associated images. This is usually under Compliance > Vulnerabilities > "Export CVEs". This can be triggered via an API as documented below.


Deployment Steps

1. POST http(s)://hostURL/api/v2/risks/vulnerabilities/csv

2. Record token return in response

3. GET http(s)://hostURL/api/v2/risks/vulnerabilities/csv?token=<token>

4. Receive gzip compressed CSV file



The following was confirmed to work with the curl command and then running 'gzip -d aqua-csv-output.gz':



curl -X GET -H 'Authorization: Basic UEFTU1dPUkQtRk9SLUNPTlNPTEU=' 'http://hostURL/api/v2/risks/vulnerabilities/csv?token=45202367-aeb7-45b5-b4d2-947bfbc1a21d' --output aqua-csv-output.gz