Queries the results of a security scan that is created for an image tag.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes ListRepoTagScanResult

The operation that you want to perform. Set the value to ListRepoTagScanResult.

RegionId String Yes cn-shanghai

The region ID of the instance.

InstanceId String Yes cri-2j88dtld8yel****

The ID of the instance.

RepoId String Yes crr-uf082u9dg8do****

The ID of the image repository.

Tag String Yes 1

The name of the image tag.

ScanTaskId String No 6b0b094f-8a90-4f8f-b660-2427aed0****

The ID of the security scan task.

PageNo Integer No 1

The number of the page to return.

PageSize Integer No 30

The number of entries to return on each page.

Severity String No High

The severity of the vulnerability. Valid values:

  • High
  • Medium
  • Low
  • Unknown
Digest String No sha256:6b0b094f8a904f8fb6602427aed0d1fa

The digest of the image.

ScanType String No sca

The type of the vulnerability. Valid values:

  • cve: image system vulnerability
  • sca: image application vulnerability
VulQueryKey String No CVE-2021

The keyword for fuzzy query used in scan. The value can be a CVE name.

FilterValue String No FixCmd

The parameter whose value that you want to query. If the value is FixCmd, only the FixCmd parameter is returned.

Response parameters

Parameter Type Example Description
RequestId String 56B5C92F-F5D9-46E0-823F-EC71D1892DAA

The ID of the request.

Code String success

The return value.

PageNo Integer 1

The number of the returned page.

IsSuccess Boolean true

Indicates whether the operation succeeds. Valid values:

  • true: The operation succeeds.
  • false: The operation fails.
PageSize Integer 30

The number of entries returned per page.

TotalCount Integer 196

The total number of vulnerabilities detected on images.

Vulnerabilities Array of Vulnerabilities

The details about the detected vulnerabilities.

Severity String Medium

The severity of the vulnerability.

AddedBy String sha256:123456717b8e40b6480979b739010d8d549989602bcdd07922119aec6f9dbe57

The ID of the image layer where the vulnerability was detected.

CveName String CVE-2009-5155

The name of the vulnerability.

Description String description.

The description of the vulnerability.

Feature String eglibc

The cause of the vulnerability.

Version String 2.19-6.9

The version of the vulnerability.

VersionFormat String dpkg

The format of the vulnerability.

CveLink String https://security-tracker.debian.org/tracker/CVE-2009-5155

The URL of the vulnerability.

VersionFixed String 2.19-18+deb8u5

The version where the vulnerability was fixed.

FixCmd String yum install -y xxx

The command used to fix the vulnerability.

CveLocation String /test.txt

The directory of the vulnerability.

ScanType String cve

The type of the vulnerability. Valid values:

  • cve: image system vulnerability
  • sca: image application vulnerability
AliasName String Vulnerability

The name of the vulnerability.

Examples

Sample requests

http(s)://[Endpoint]/?Action=ListRepoTagScanResult
&InstanceId=cri-2j88dtld8yel****
&RepoId=crr-uf082u9dg8do****
&Tag=1
&ScanTaskId=6b0b094f-8a90-4f8f-b660-2427aed0****
&PageNo=1
&PageSize=30
&Severity=High
&Digest=sha256:6b0b094f8a904f8fb6602427aed0d1fa
&ScanType=sca
&VulQueryKey=CVE-2021
&FilterValue=FixCmd
&<Common request parameters>

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<ListRepoTagScanResultResponse>
    <RequestId>56B5C92F-F5D9-46E0-823F-EC71D1892DAA</RequestId>
    <Code>success</Code>
    <PageNo>1</PageNo>
    <IsSuccess>true</IsSuccess>
    <PageSize>30</PageSize>
    <TotalCount>196</TotalCount>
    <Vulnerabilities>
        <Severity>Medium</Severity>
        <AddedBy>sha256:123456717b8e40b6480979b739010d8d549989602bcdd07922119aec6f9dbe57</AddedBy>
        <CveName>CVE-2009-5155</CveName>
        <Description>description.</Description>
        <Feature>eglibc</Feature>
        <Version>2.19-6.9</Version>
        <VersionFormat>dpkg</VersionFormat>
        <CveLink>https://security-tracker.debian.org/tracker/CVE-2009-5155</CveLink>
        <VersionFixed>2.19-18+deb8u5</VersionFixed>
        <FixCmd>yum install -y xxx</FixCmd>
        <CveLocation>/test.txt</CveLocation>
        <ScanType>cve</ScanType>
        <AliasName> Vulnerability </AliasName>
    </Vulnerabilities>
</ListRepoTagScanResultResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "RequestId" : "56B5C92F-F5D9-46E0-823F-EC71D1892DAA",
  "Code" : "success",
  "PageNo" : 1,
  "IsSuccess" : true,
  "PageSize" : 30,
  "TotalCount" : 196,
  "Vulnerabilities" : {
    "Severity" : "Medium",
    "AddedBy" : "sha256:123456717b8e40b6480979b739010d8d549989602bcdd07922119aec6f9dbe57",
    "CveName" : "CVE-2009-5155",
    "Description" : "description.",
    "Feature" : "eglibc",
    "Version" : "2.19-6.9",
    "VersionFormat" : "dpkg",
    "CveLink" : "https://security-tracker.debian.org/tracker/CVE-2009-5155",
    "VersionFixed" : "2.19-18+deb8u5",
    "FixCmd" : "yum install -y xxx",
    "CveLocation" : "/test.txt",
    "ScanType" : "cve",
    "AliasName" : "Vulnerability"
  }
}

Error codes

For a list of error codes, visit the API Error Center.