Versions 3.0 and higher.

Deployment Task

In the web console, there is an option to export all CVEs that were found and their associated images. This is usually under Compliance > Vulnerabilities > "Export CVEs". This can be triggered via an API as documented below.

Deployment Steps

1. POST http(s)://hostURL/api/v2/risks/vulnerabilities/csv

2. Record token return in response

3. GET http(s)://hostURL/api/v2/risks/vulnerabilities/csv?token=<token>

4. Receive gzip compressed CSV file

The following was confirmed to work with the curl command and then running 'gzip -d aqua-csv-output.gz':

curl -X GET -H 'Authorization: Basic UEFTU1dPUkQtRk9SLUNPTlNPTEU=' 'http://hostURL/api/v2/risks/vulnerabilities/csv?token=45202367-aeb7-45b5-b4d2-947bfbc1a21d' --output aqua-csv-output.gz