DescribeImageVulList - API Reference| Alibaba Cloud Documentation Center

If you want to query the latest information about container image vulnerabilities, you can call the StartImageVulScan operation first. Wait one to five minutes, and then call the DescribeImageVulList operation.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters


Parameter	Type	Required	Example	Description
Action	String	Yes	DescribeImageVulList	The operation that you want to perform. Set the value to DescribeImageVulList.
Dealed	String	No	y	Specifies whether the vulnerability is handled. Valid values: y: handled n: unhandled
Type	String	No	cve	The type of the vulnerability. Set the value to cve.
Uuids	String	No	abcsdsda,dadadadada	The IDs of the instances. Separate multiple IDs with commas (,).
Name	String	No	313131	The name of the vulnerability.
AliasName	String	No	Linux vulnerabilities	The alias of the vulnerability.
StatusList	String	No	1	The status of the vulnerability. Valid values: 1: unfixed 7: fixed
Necessity	String	No	asap	The priority of the vulnerability. Valid values: asap: The priority is high. We recommend that you fix this vulnerability at the earliest opportunity. later: The priority is medium. You can fix this vulnerability as needed. nntf: The priority is low. You can fix this vulnerability as needed.
Tag	String	No	oval	The tag of the image.
CurrentPage	Integer	No	1	The number of the page to return. Pages start from page 1. Default value: 1.
PageSize	Integer	No	20	The number of entries to return on each page. Default value: 20.
RepoName	String	No	libssh2	The name of the image.
RegionId	String	No	cn-hangzhou	The ID of the region where the assets are deployed.
InstanceId	String	No	1-qeqewqweeqe	The ID of the asset instance.
RepoId	String	No	xxxxx	The ID of the image repository.
Lang	String	No	zh	The language of the request and response. Valid values: zh: Chinese en: English

Response parameters


Parameter	Type	Example	Description
CurrentPage	Integer	1	The page number of the returned page. Pages start from page 1. Default value: 1.
PageSize	Integer	20	The number of entries returned on each page. Default value: 20.
RequestId	String	A3F532DD-1807-4EA0-A76A-B9A7	The ID of the request.
TotalCount	Integer	15	The total number of vulnerabilities.
VulRecords	Array		The vulnerability information.
AliasName	String	RHSA-2019:1884-medium: libssh2 security update	The alias of the vulnerability.
ExtendContentJson	Struct		The extended content of the vulnerability information.
Os	String	centos	The type of the operating system.
OsRelease	String	7	The version of the operating system that supports the image.
RpmEntityList	Array		The RPM package list.
FullVersion	String	1.4.3-12.el7_6.2	The complete version number.
Layer	String	b1f5b9420803ad0657cf21566e3e20acc08581e7f22991249ef3aa80b8b1c587	The image layer.
MatchDetail	String	libssh2 version less than 0:1.4.3-12.el7_6.3	The reason why the vulnerability is detected.
Name	String	libssh2	The name of the RPM.
Path	String	/usr/lib64/libssh2.so.1	The path of the software that has the vulnerability.
UpdateCmd	String	yum update libssh2	The command that can be run to fix the vulnerability.
Version	String	1.4.3	The version of the operating system.
ImageDigest	String	fffff	Image digests.
LastTs	Long	1580808765000	The last time when the vulnerability was detected.
Layers	List	["b1f5b9420803ad0657cf21566e3e20acc08581e7f22991249ef3aa80b8b1c587"]	The image layer list.
ModifyTs	Long	1580808765000	The time when the vulnerability record was updated.
Name	String	oval:com.redhat.rhsa:def:2019	The name of the vulnerability.
Necessity	String	asap	The priority of the vulnerability. Valid values: asap: The priority is high. We recommend that you fix this vulnerability at the earliest opportunity. later: The priority is medium. You can fix this vulnerability as needed. nntf: The priority is low. You can fix this vulnerability as needed.
PrimaryId	Long	11	The ID of the vulnerability.
Related	String	CVE-2019-3862	The details of the associated vulnerability.
Status	Integer	1	The status of the vulnerability. Valid values: 1: unfixed 7: fixed
Tag	String	oval	The tag of the image vulnerability.
Type	String	cve	The type of the vulnerability. Set the value to cve.
Uuid	String	13231fdafda	The UUID of the server.

Examples

Sample requests

http(s)://[Endpoint]/? Action=DescribeImageVulList
&<Common request parameters>

Sample success responses

XML format

<DescribeImageVulListResponse>
      <TotalCount>15</TotalCount>
      <RequestId>A3F532DD-1807-4EA0-A76A-B9A7</RequestId>
      <PageSize>20</PageSize>
      <VulRecords>
            <Status>1</Status>
            <Type>cve</Type>
            <Uuid>13231fdafda</Uuid>
            <Related>CVE-2019-3862</Related>
            <ModifyTs>1580808765000</ModifyTs>
            <ImageDigest>fffff</ImageDigest>
            <AliasName>RHSA-2019:1884-medium: libssh2 security update </AliasName>
            <LastTs>1580808765000</LastTs>
            <Necessity>asap</Necessity>
            <Tag>oval</Tag>
            <PrimaryId>11</PrimaryId>
            <Name>oval:com.redhat.rhsa:def:2019</Name>
      </VulRecords>
      <VulRecords>
            <Layers>["b1f5b9420803ad0657cf21566e3e20acc08581e7f22991249ef3aa80b8b1c587"]</Layers>
      </VulRecords>
      <VulRecords>
            <ExtendContentJson>
                  <Os>centos</Os>
                  <RpmEntityList>
                        <Path>/usr/lib64/libssh2.so.1</Path>
                        <UpdateCmd>yum update libssh2</UpdateCmd>
                        <Version>1.4.3</Version>
                        <FullVersion>1.4.3-12.el7_6.2</FullVersion>
                        <MatchDetail>libssh2 version less than 0:1.4.3-12.el7_6.3</MatchDetail>
                        <Layer>b1f5b9420803ad0657cf21566e3e20acc08581e7f22991249ef3aa80b8b1c587</Layer>
                        <Name>libssh2</Name>
                  </RpmEntityList>
                  <OsRelease>7</OsRelease>
            </ExtendContentJson>
      </VulRecords>
      <CurrentPage>1</CurrentPage>
</DescribeImageVulListResponse>

JSON format

{
	"TotalCount": "15",
	"RequestId": "A3F532DD-1807-4EA0-A76A-B9A7",
	"PageSize": "20",
	"VulRecords": [{
		"Status": "1",
		"Type": "cve",
		"Uuid": "13231fdafda",
		"Related": "CVE-2019-3862",
		"ModifyTs": "1580808765000",
		"ImageDigest": "fffff",
		"AliasName": "RHSA-2019:1884-medium: libssh2 security update",
		"LastTs": "1580808765000",
		"Necessity": "asap",
		"Tag": "oval",
		"PrimaryId": "11",
		"Name": "oval:com.redhat.rhsa:def:2019"
	}, {
		"Layers": "[\"b1f5b9420803ad0657cf21566e3e20acc08581e7f22991249ef3aa80b8b1c587\"]"
	}, {
		"ExtendContentJson": {
			"Os": "centos",
			"RpmEntityList": [{
				"Path": "/usr/lib64/libssh2.so.1",
				"UpdateCmd": "yum update libssh2",
				"Version": "1.4.3",
				"FullVersion": "1.4.3-12.el7_6.2",
				"MatchDetail": "libssh2 version less than 0:1.4.3-12.el7_6.3",
				"Layer": "b1f5b9420803ad0657cf21566e3e20acc08581e7f22991249ef3aa80b8b1c587",
				"Name": "libssh2"
			}],
			"OsRelease": "7"
		}
	}],
	"CurrentPage": "1"
}

Error codes

For a list of error codes, visit the API Error Center.