For {project}, either project-number or project-id can be provided.
Query parameters
Parameters
pageSize
integer
The maximum number of results to return.
pageToken
string
A pagination token returned from a previous call to vulnerabilityReports.list that indicates where this listing should continue from.
filter
string
This field supports filtering by the severity level for the vulnerability. For a list of severity levels, see Severity levels for vulnerabilities.
The filter field follows the rules described in the AIP-160 guidelines as follows:
Filter for a specific severity type: you can list reports that contain vulnerabilities that are classified as medium by specifying vulnerabilities.details.severity:MEDIUM.
Filter for a range of severities : you can list reports that have vulnerabilities that are classified as critical or high by specifying vulnerabilities.details.severity:HIGH OR
vulnerabilities.details.severity:CRITICAL
Request body
The request body must be empty.
Response body
A response message for listing vulnerability reports for all VM instances in the specified location.
If successful, the response body contains data with the following structure:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-07-28 UTC."],[[["This API endpoint lists vulnerability reports for all VM instances within a specified zone using a GET request."],["The request URL requires a `parent` path parameter in the format `projects/*/locations/*/instances/*` to identify the target project, location, and instances."],["Query parameters allow for filtering results by `pageSize`, continuing pagination with `pageToken`, and filtering by severity with the `filter` parameter using severity levels like `MEDIUM`, `HIGH`, or `CRITICAL`."],["The request body must be empty, and a successful response includes a list of `vulnerabilityReports` and a `nextPageToken` for pagination, represented in JSON format."],["Authorization requires the OAuth scope `https://www.googleapis.com/auth/cloud-platform` and the IAM permission `osconfig.vulnerabilityReports.list` on the parent resource."]]],[]]
