You can call this operation to query the list of container image vulnerabilities detected by Security Center.

If you want to query the latest information about container image vulnerabilities, you can call the StartImageVulScan operation first. Wait one to five minutes, and then call the DescribeImageVulList operation.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes DescribeImageVulList

The operation that you want to perform.

Set the value to DescribeImageVulList.

Dealed String No y

Specifies whether the vulnerability is handled. Valid values:

  • y: handled
  • n: unhandled
Type String No cve

The type of the vulnerability. Set the value to cve.

Uuids String No abcsdsda,dadadadada

The IDs of the instances. Separate multiple IDs with commas (,).

Name String No 313131

The name of the vulnerability.

AliasName String No Linux vulnerabilities

The alias of the vulnerability.

StatusList String No 1

The status of the vulnerability. Valid values:

  • 1: unfixed
  • 7: fixed
Necessity String No asap

The priority of the vulnerability. Valid values:

  • asap: The priority is high. We recommend that you fix this vulnerability at the earliest opportunity.
  • later: The priority is medium. You can fix this vulnerability as needed.
  • nntf: The priority is low. You can fix this vulnerability as needed.
Tag String No oval

The tag of the image.

CurrentPage Integer No 1

The number of the page to return. Pages start from page 1. Default value: 1.

PageSize Integer No 20

The number of entries to return on each page. Default value: 20.

RepoName String No libssh2

The name of the image.

RegionId String No cn-hangzhou

The ID of the region where the assets are deployed.

InstanceId String No 1-qeqewqweeqe

The ID of the asset instance.

RepoId String No xxxxx

The ID of the image repository.

Lang String No zh

The language of the request and response. Valid values:

  • zh: Chinese
  • en: English

Response parameters

Parameter Type Example Description
CurrentPage Integer 1

The page number of the returned page. Pages start from page 1. Default value: 1.

PageSize Integer 20

The number of entries returned on each page. Default value: 20.

RequestId String A3F532DD-1807-4EA0-A76A-B9A7

The ID of the request.

TotalCount Integer 15

The total number of vulnerabilities.

VulRecords Array

The vulnerability information.

AliasName String RHSA-2019:1884-medium: libssh2 security update

The alias of the vulnerability.

ExtendContentJson Struct

The extended content of the vulnerability information.

Os String centos

The type of the operating system.

OsRelease String 7

The version of the operating system that supports the image.

RpmEntityList Array

The RPM package list.

FullVersion String 1.4.3-12.el7_6.2

The complete version number.

Layer String b1f5b9420803ad0657cf21566e3e20acc08581e7f22991249ef3aa80b8b1c587

The image layer.

MatchDetail String libssh2 version less than 0:1.4.3-12.el7_6.3

The reason why the vulnerability is detected.

Name String libssh2

The name of the RPM.

Path String /usr/lib64/libssh2.so.1

The path of the software that has the vulnerability.

UpdateCmd String yum update libssh2

The command that can be run to fix the vulnerability.

Version String 1.4.3

The version of the operating system.

ImageDigest String fffff

Image digests.

LastTs Long 1580808765000

The last time when the vulnerability was detected.

Layers List ["b1f5b9420803ad0657cf21566e3e20acc08581e7f22991249ef3aa80b8b1c587"]

The image layer list.

ModifyTs Long 1580808765000

The time when the vulnerability record was updated.

Name String oval:com.redhat.rhsa:def:2019

The name of the vulnerability.

Necessity String asap

The priority of the vulnerability. Valid values:

  • asap: The priority is high. We recommend that you fix this vulnerability at the earliest opportunity.
  • later: The priority is medium. You can fix this vulnerability as needed.
  • nntf: The priority is low. You can fix this vulnerability as needed.
PrimaryId Long 11

The ID of the vulnerability.

Related String CVE-2019-3862

The details of the associated vulnerability.

Status Integer 1

The status of the vulnerability. Valid values:

  • 1: unfixed
  • 7: fixed
Tag String oval

The tag of the image vulnerability.

Type String cve

The type of the vulnerability. Set the value to cve.

Uuid String 13231fdafda

The UUID of the server.

Examples

Sample requests

http(s)://[Endpoint]/? Action=DescribeImageVulList
&<Common request parameters>

Sample success responses

XML format

<DescribeImageVulListResponse>
      <TotalCount>15</TotalCount>
      <RequestId>A3F532DD-1807-4EA0-A76A-B9A7</RequestId>
      <PageSize>20</PageSize>
      <VulRecords>
            <Status>1</Status>
            <Type>cve</Type>
            <Uuid>13231fdafda</Uuid>
            <Related>CVE-2019-3862</Related>
            <ModifyTs>1580808765000</ModifyTs>
            <ImageDigest>fffff</ImageDigest>
            <AliasName>RHSA-2019:1884-medium: libssh2 security update </AliasName>
            <LastTs>1580808765000</LastTs>
            <Necessity>asap</Necessity>
            <Tag>oval</Tag>
            <PrimaryId>11</PrimaryId>
            <Name>oval:com.redhat.rhsa:def:2019</Name>
      </VulRecords>
      <VulRecords>
            <Layers>["b1f5b9420803ad0657cf21566e3e20acc08581e7f22991249ef3aa80b8b1c587"]</Layers>
      </VulRecords>
      <VulRecords>
            <ExtendContentJson>
                  <Os>centos</Os>
                  <RpmEntityList>
                        <Path>/usr/lib64/libssh2.so.1</Path>
                        <UpdateCmd>yum update libssh2</UpdateCmd>
                        <Version>1.4.3</Version>
                        <FullVersion>1.4.3-12.el7_6.2</FullVersion>
                        <MatchDetail>libssh2 version less than 0:1.4.3-12.el7_6.3</MatchDetail>
                        <Layer>b1f5b9420803ad0657cf21566e3e20acc08581e7f22991249ef3aa80b8b1c587</Layer>
                        <Name>libssh2</Name>
                  </RpmEntityList>
                  <OsRelease>7</OsRelease>
            </ExtendContentJson>
      </VulRecords>
      <CurrentPage>1</CurrentPage>
</DescribeImageVulListResponse>

JSON format

{
	"TotalCount": "15",
	"RequestId": "A3F532DD-1807-4EA0-A76A-B9A7",
	"PageSize": "20",
	"VulRecords": [{
		"Status": "1",
		"Type": "cve",
		"Uuid": "13231fdafda",
		"Related": "CVE-2019-3862",
		"ModifyTs": "1580808765000",
		"ImageDigest": "fffff",
		"AliasName": "RHSA-2019:1884-medium: libssh2 security update",
		"LastTs": "1580808765000",
		"Necessity": "asap",
		"Tag": "oval",
		"PrimaryId": "11",
		"Name": "oval:com.redhat.rhsa:def:2019"
	}, {
		"Layers": "[\"b1f5b9420803ad0657cf21566e3e20acc08581e7f22991249ef3aa80b8b1c587\"]"
	}, {
		"ExtendContentJson": {
			"Os": "centos",
			"RpmEntityList": [{
				"Path": "/usr/lib64/libssh2.so.1",
				"UpdateCmd": "yum update libssh2",
				"Version": "1.4.3",
				"FullVersion": "1.4.3-12.el7_6.2",
				"MatchDetail": "libssh2 version less than 0:1.4.3-12.el7_6.3",
				"Layer": "b1f5b9420803ad0657cf21566e3e20acc08581e7f22991249ef3aa80b8b1c587",
				"Name": "libssh2"
			}],
			"OsRelease": "7"
		}
	}],
	"CurrentPage": "1"
}

Error codes

For a list of error codes, visit the API Error Center.