Container Image Vulnerability

Vulnerability present in the content that is installed in the image.

Fields

advisory_id | String required

String parameters

regex | ^\d{4}:\d{4,}$

Advisory identifier.

advisory_type | String required

Advisory type (RHSA, RHBA, …).

cve_id | String required

String parameters

regex | ^CVE-\d{4}-\d{4,}$

ID of the CVE.

public_date | String required

Date the CVE was made public.

severity | String required

String parameters

enum Low | Moderate | Important | Critical

CVE severity.

object_type | String

String parameters

constant | containerImageVulnerability

packages | List[ContainerImageVulnerabilityPackage]

Array of package information applicable to this CVE. This array was superseded by affected_packages array.

affected_packages | List[ContainerImageVulnerabilityAffectedPackage]

List of packages affected by this CVE.

_id | ObjectID read-only

MongoDB unique _id

creation_date | DateTime read-only

The date when the entry was created. Value is created automatically on creation.

last_update_date | DateTime read-only

The date when the entry was last updated.

Indexes

vulnerability_identity

Fields

• advisory_id: ASC

• cve_id: ASC

• image_id: ASC

Parameters

• unique: True

• sparse: True

Description

This unique index is used to find container image vulnerability by combination of advisory_id, cve_id and image_id.

image_id_1_severity_1

Fields

• image_id: ASC

• severity: ASC

Description

This index is used to find container image vulnerability by image_id and severity.

Usage

Endpoints

• GET - /vulnerabilities/id/{identifier}

• GET - /images/id/{identifier}/vulnerabilities

Queries and Mutations

• get_image_vulnerability

• find_image_vulnerabilities