You can call this operation to query the list of container image vulnerabilities detected by Security Center.
If you want to query the latest information about container image vulnerabilities, you can call the StartImageVulScan operation first. Wait one to five minutes, and then call the DescribeImageVulList operation.
Debugging
Request parameters
Parameter | Type | Required | Example | Description |
---|---|---|---|---|
Action | String | Yes | DescribeImageVulList |
The operation that you want to perform. Set the value to DescribeImageVulList. |
Dealed | String | No | y |
Specifies whether the vulnerability is handled. Valid values:
|
Type | String | No | cve |
The type of the vulnerability. Set the value to cve. |
Uuids | String | No | abcsdsda,dadadadada |
The IDs of the instances. Separate multiple IDs with commas (,). |
Name | String | No | 313131 |
The name of the vulnerability. |
AliasName | String | No | Linux vulnerabilities |
The alias of the vulnerability. |
StatusList | String | No | 1 |
The status of the vulnerability. Valid values:
|
Necessity | String | No | asap |
The priority of the vulnerability. Valid values:
|
Tag | String | No | oval |
The tag of the image. |
CurrentPage | Integer | No | 1 |
The number of the page to return. Pages start from page 1. Default value: 1. |
PageSize | Integer | No | 20 |
The number of entries to return on each page. Default value: 20. |
RepoName | String | No | libssh2 |
The name of the image. |
RegionId | String | No | cn-hangzhou |
The ID of the region where the assets are deployed. |
InstanceId | String | No | 1-qeqewqweeqe |
The ID of the asset instance. |
RepoId | String | No | xxxxx |
The ID of the image repository. |
Lang | String | No | zh |
The language of the request and response. Valid values:
|
Response parameters
Parameter | Type | Example | Description |
---|---|---|---|
CurrentPage | Integer | 1 |
The page number of the returned page. Pages start from page 1. Default value: 1. |
PageSize | Integer | 20 |
The number of entries returned on each page. Default value: 20. |
RequestId | String | A3F532DD-1807-4EA0-A76A-B9A7 |
The ID of the request. |
TotalCount | Integer | 15 |
The total number of vulnerabilities. |
VulRecords | Array |
The vulnerability information. |
|
AliasName | String | RHSA-2019:1884-medium: libssh2 security update |
The alias of the vulnerability. |
ExtendContentJson | Struct |
The extended content of the vulnerability information. |
|
Os | String | centos |
The type of the operating system. |
OsRelease | String | 7 |
The version of the operating system that supports the image. |
RpmEntityList | Array |
The RPM package list. |
|
FullVersion | String | 1.4.3-12.el7_6.2 |
The complete version number. |
Layer | String | b1f5b9420803ad0657cf21566e3e20acc08581e7f22991249ef3aa80b8b1c587 |
The image layer. |
MatchDetail | String | libssh2 version less than 0:1.4.3-12.el7_6.3 |
The reason why the vulnerability is detected. |
Name | String | libssh2 |
The name of the RPM. |
Path | String | /usr/lib64/libssh2.so.1 |
The path of the software that has the vulnerability. |
UpdateCmd | String | yum update libssh2 |
The command that can be run to fix the vulnerability. |
Version | String | 1.4.3 |
The version of the operating system. |
ImageDigest | String | fffff |
Image digests. |
LastTs | Long | 1580808765000 |
The last time when the vulnerability was detected. |
Layers | List | ["b1f5b9420803ad0657cf21566e3e20acc08581e7f22991249ef3aa80b8b1c587"] |
The image layer list. |
ModifyTs | Long | 1580808765000 |
The time when the vulnerability record was updated. |
Name | String | oval:com.redhat.rhsa:def:2019 |
The name of the vulnerability. |
Necessity | String | asap |
The priority of the vulnerability. Valid values:
|
PrimaryId | Long | 11 |
The ID of the vulnerability. |
Related | String | CVE-2019-3862 |
The details of the associated vulnerability. |
Status | Integer | 1 |
The status of the vulnerability. Valid values:
|
Tag | String | oval |
The tag of the image vulnerability. |
Type | String | cve |
The type of the vulnerability. Set the value to cve. |
Uuid | String | 13231fdafda |
The UUID of the server. |
Examples
Sample requests
http(s)://[Endpoint]/? Action=DescribeImageVulList
&<Common request parameters>
Sample success responses
XML
format
<DescribeImageVulListResponse>
<TotalCount>15</TotalCount>
<RequestId>A3F532DD-1807-4EA0-A76A-B9A7</RequestId>
<PageSize>20</PageSize>
<VulRecords>
<Status>1</Status>
<Type>cve</Type>
<Uuid>13231fdafda</Uuid>
<Related>CVE-2019-3862</Related>
<ModifyTs>1580808765000</ModifyTs>
<ImageDigest>fffff</ImageDigest>
<AliasName>RHSA-2019:1884-medium: libssh2 security update </AliasName>
<LastTs>1580808765000</LastTs>
<Necessity>asap</Necessity>
<Tag>oval</Tag>
<PrimaryId>11</PrimaryId>
<Name>oval:com.redhat.rhsa:def:2019</Name>
</VulRecords>
<VulRecords>
<Layers>["b1f5b9420803ad0657cf21566e3e20acc08581e7f22991249ef3aa80b8b1c587"]</Layers>
</VulRecords>
<VulRecords>
<ExtendContentJson>
<Os>centos</Os>
<RpmEntityList>
<Path>/usr/lib64/libssh2.so.1</Path>
<UpdateCmd>yum update libssh2</UpdateCmd>
<Version>1.4.3</Version>
<FullVersion>1.4.3-12.el7_6.2</FullVersion>
<MatchDetail>libssh2 version less than 0:1.4.3-12.el7_6.3</MatchDetail>
<Layer>b1f5b9420803ad0657cf21566e3e20acc08581e7f22991249ef3aa80b8b1c587</Layer>
<Name>libssh2</Name>
</RpmEntityList>
<OsRelease>7</OsRelease>
</ExtendContentJson>
</VulRecords>
<CurrentPage>1</CurrentPage>
</DescribeImageVulListResponse>
JSON
format
{
"TotalCount": "15",
"RequestId": "A3F532DD-1807-4EA0-A76A-B9A7",
"PageSize": "20",
"VulRecords": [{
"Status": "1",
"Type": "cve",
"Uuid": "13231fdafda",
"Related": "CVE-2019-3862",
"ModifyTs": "1580808765000",
"ImageDigest": "fffff",
"AliasName": "RHSA-2019:1884-medium: libssh2 security update",
"LastTs": "1580808765000",
"Necessity": "asap",
"Tag": "oval",
"PrimaryId": "11",
"Name": "oval:com.redhat.rhsa:def:2019"
}, {
"Layers": "[\"b1f5b9420803ad0657cf21566e3e20acc08581e7f22991249ef3aa80b8b1c587\"]"
}, {
"ExtendContentJson": {
"Os": "centos",
"RpmEntityList": [{
"Path": "/usr/lib64/libssh2.so.1",
"UpdateCmd": "yum update libssh2",
"Version": "1.4.3",
"FullVersion": "1.4.3-12.el7_6.2",
"MatchDetail": "libssh2 version less than 0:1.4.3-12.el7_6.3",
"Layer": "b1f5b9420803ad0657cf21566e3e20acc08581e7f22991249ef3aa80b8b1c587",
"Name": "libssh2"
}],
"OsRelease": "7"
}
}],
"CurrentPage": "1"
}
Error codes
For a list of error codes, visit the API Error Center.