Get Impacted Code Repository Vulnerability Policy
GET/api/v30.00/policies/vulnerability/coderepos/impacted
x-prisma-cloud-target-env: {"permission":"policyCodeRepos","saas":true,"self-hosted":true}
x-public: true
Lists the code repositories caught by your policy on a per-rule basis.
To see where Console invokes this endpoint:
- In Console, go to Defend > Vulnerabilities.
- In the Vulnerability rules section, click Show under the Entities in scope column for a rule.
- The endpoint is invoked when the pop-up is displayed.
cURL Request
The following cURL command returns a list of code repositories captured by <RULE_NAME>.
$ curl -k \
-u <USER> \
-X GET 'https://<CONSOLE>/api/v<VERSION>/policies/vulnerability/coderepos/impacted?project=<PROJECT_NAME>&ruleName=<RULE_NAME>'
A successful response contains a list of impacted repositories by a rule within the context of the policy.
Request
Query Parameters
Offsets the result to a specific report count. Offset starts from 0.
Number of reports to retrieve in a page. For PCCE, the maximum limit is 250. For PCEE, the maximum limit is 50. The default value is 50.
Retrieves the result for a search term.
Sorts the result using a key. Refer to the columns in the relevant Prisma Cloud Compute user interface to use them as sort keys.
Sorts the result in reverse order.
Filters the result based on collection names that you have defined in Prisma Cloud Compute.
Scopes the query by cloud provider.
Filters the result based on cloud account IDs.
Scopes the query by resource ID.
Scopes the query by cloud region.
Retrieves the fields that you need in a report. Use the list of fields you want to retrieve. By default, the result shows all fields of data.
RuleName is the rule name to apply.
Responses
- 200
- default
- application/json
- Schema
- Example (from schema)
Schema
- Array [
- Array [
- Array [
- Array [
- Array [
- ]
- Array [
- ]
- ]
- ]
- ]
- Array [
- Array [
- ]
- Array [
- ]
- ]
- Array [
- ]
- Array [
- ]
- Array [
- ]
- Array [
- Array [
- ]
- Array [
- ]
- ]
- Array [
- ]
- Array [
- ]
- Array [
- Array [
- Array [
- ]
- Array [
- ]
- ]
- ]
- Array [
- ]
- Array [
- Array [
- Array [
- ]
- Array [
- ]
- ]
- ]
- Array [
- Array [
- Array [
- ]
- ]
- ]
- Array [
- ]
- Array [
- ]
- Array [
- Array [
- ]
- Array [
- ]
- ]
- ]
Scan report ID in the database.
List of matching code repo collections.
Code repository's compliance risk score. Used for sorting.
files object[]
Scan result for each manifest file in the repository.
dependencies object[]
Packages listed in the manifest file.
Indicates if this dependency is used only for the development of the package (true) or not (false).
Date/time of the last version resolution. If the value is zero, it means the version is explicit and does not require resolving.
Maximum severity of the detected licenses according to the compliance policy.
Possible values: [0BSD,AAL,ADSL,AFL-1.1,AFL-1.2,AFL-2.0,AFL-2.1,AFL-3.0,AGPL-1.0,AGPL-1.0-only,AGPL-1.0-or-later,AGPL-3.0,AGPL-3.0-only,AGPL-3.0-or-later,AMDPLPA,AML,AMPAS,ANTLR-PD,ANTLR-PD-fallback,APAFML,APL-1.0,APSL-1.0,APSL-1.1,APSL-1.2,APSL-2.0,Abstyles,Adobe-2006,Adobe-Glyph,Afmparse,Aladdin,Apache-1.0,Apache-1.1,Apache-2.0,Artistic-1.0,Artistic-1.0-Perl,Artistic-1.0-cl8,Artistic-2.0,BSD-1-Clause,BSD-2-Clause,BSD-2-Clause-FreeBSD,BSD-2-Clause-NetBSD,BSD-2-Clause-Patent,BSD-2-Clause-Views,BSD-3-Clause,BSD-3-Clause-Attribution,BSD-3-Clause-Clear,BSD-3-Clause-LBNL,BSD-3-Clause-No-Nuclear-License,BSD-3-Clause-No-Nuclear-License-2014,BSD-3-Clause-No-Nuclear-Warranty,BSD-3-Clause-Open-MPI,BSD-4-Clause,BSD-4-Clause-UC,BSD-Protection,BSD-Source-Code,BSL-1.0,BUSL-1.1,Bahyph,Barr,Beerware,BitTorrent-1.0,BitTorrent-1.1,BlueOak-1.0.0,Borceux,CAL-1.0,CAL-1.0-Combined-Work-Exception,CATOSL-1.1,CC-BY-1.0,CC-BY-2.0,CC-BY-2.5,CC-BY-3.0,CC-BY-3.0-AT,CC-BY-3.0-US,CC-BY-4.0,CC-BY-NC-1.0,CC-BY-NC-2.0,CC-BY-NC-2.5,CC-BY-NC-3.0,CC-BY-NC-4.0,CC-BY-NC-ND-1.0,CC-BY-NC-ND-2.0,CC-BY-NC-ND-2.5,CC-BY-NC-ND-3.0,CC-BY-NC-ND-3.0-IGO,CC-BY-NC-ND-4.0,CC-BY-NC-SA-1.0,CC-BY-NC-SA-2.0,CC-BY-NC-SA-2.5,CC-BY-NC-SA-3.0,CC-BY-NC-SA-4.0,CC-BY-ND-1.0,CC-BY-ND-2.0,CC-BY-ND-2.5,CC-BY-ND-3.0,CC-BY-ND-4.0,CC-BY-SA-1.0,CC-BY-SA-2.0,CC-BY-SA-2.0-UK,CC-BY-SA-2.5,CC-BY-SA-3.0,CC-BY-SA-3.0-AT,CC-BY-SA-4.0,CC-PDDC,CC0-1.0,CDDL-1.0,CDDL-1.1,CDLA-Permissive-1.0,CDLA-Sharing-1.0,CECILL-1.0,CECILL-1.1,CECILL-2.0,CECILL-2.1,CECILL-B,CECILL-C,CERN-OHL-1.1,CERN-OHL-1.2,CERN-OHL-P-2.0,CERN-OHL-S-2.0,CERN-OHL-W-2.0,CNRI-Jython,CNRI-Python,CNRI-Python-GPL-Compatible,CPAL-1.0,CPL-1.0,CPOL-1.02,CUA-OPL-1.0,Caldera,ClArtistic,Condor-1.1,Crossword,CrystalStacker,Cube,D-FSL-1.0,DOC,DSDP,Dotseqn,ECL-1.0,ECL-2.0,EFL-1.0,EFL-2.0,EPICS,EPL-1.0,EPL-2.0,EUDatagrid,EUPL-1.0,EUPL-1.1,EUPL-1.2,Entessa,ErlPL-1.1,Eurosym,FSFAP,FSFUL,FSFULLR,FTL,Fair,Frameworx-1.0,FreeImage,GFDL-1.1,GFDL-1.1-invariants-only,GFDL-1.1-invariants-or-later,GFDL-1.1-no-invariants-only,GFDL-1.1-no-invariants-or-later,GFDL-1.1-only,GFDL-1.1-or-later,GFDL-1.2,GFDL-1.2-invariants-only,GFDL-1.2-invariants-or-later,GFDL-1.2-no-invariants-only,GFDL-1.2-no-invariants-or-later,GFDL-1.2-only,GFDL-1.2-or-later,GFDL-1.3,GFDL-1.3-invariants-only,GFDL-1.3-invariants-or-later,GFDL-1.3-no-invariants-only,GFDL-1.3-no-invariants-or-later,GFDL-1.3-only,GFDL-1.3-or-later,GL2PS,GLWTPL,GPL-1.0,GPL-1.0+,GPL-1.0-only,GPL-1.0-or-later,GPL-2.0,GPL-2.0+,GPL-2.0-only,GPL-2.0-or-later,GPL-2.0-with-GCC-exception,GPL-2.0-with-autoconf-exception,GPL-2.0-with-bison-exception,GPL-2.0-with-classpath-exception,GPL-2.0-with-font-exception,GPL-3.0,GPL-3.0+,GPL-3.0-only,GPL-3.0-or-later,GPL-3.0-with-GCC-exception,GPL-3.0-with-autoconf-exception,Giftware,Glide,Glulxe,HPND,HPND-sell-variant,HTMLTIDY,HaskellReport,Hippocratic-2.1,IBM-pibs,ICU,IJG,IPA,IPL-1.0,ISC,ImageMagick,Imlib2,Info-ZIP,Intel,Intel-ACPI,Interbase-1.0,JPNIC,JSON,JasPer-2.0,LAL-1.2,LAL-1.3,LGPL-2.0,LGPL-2.0+,LGPL-2.0-only,LGPL-2.0-or-later,LGPL-2.1,LGPL-2.1+,LGPL-2.1-only,LGPL-2.1-or-later,LGPL-3.0,LGPL-3.0+,LGPL-3.0-only,LGPL-3.0-or-later,LGPLLR,LPL-1.0,LPL-1.02,LPPL-1.0,LPPL-1.1,LPPL-1.2,LPPL-1.3a,LPPL-1.3c,Latex2e,Leptonica,LiLiQ-P-1.1,LiLiQ-R-1.1,LiLiQ-Rplus-1.1,Libpng,Linux-OpenIB,MIT,MIT-0,MIT-CMU,MIT-advertising,MIT-enna,MIT-feh,MIT-open-group,MITNFA,MPL-1.0,MPL-1.1,MPL-2.0,MPL-2.0-no-copyleft-exception,MS-PL,MS-RL,MTLL,MakeIndex,MirOS,Motosoto,MulanPSL-1.0,MulanPSL-2.0,Multics,Mup,NASA-1.3,NBPL-1.0,NCGL-UK-2.0,NCSA,NGPL,NIST-PD,NIST-PD-fallback,NLOD-1.0,NLPL,NOSL,NPL-1.0,NPL-1.1,NPOSL-3.0,NRL,NTP,NTP-0,Naumen,Net-SNMP,NetCDF,Newsletr,Nokia,Noweb,Nunit,O-UDA-1.0,OCCT-PL,OCLC-2.0,ODC-By-1.0,ODbL-1.0,OFL-1.0,OFL-1.0-RFN,OFL-1.0-no-RFN,OFL-1.1,OFL-1.1-RFN,OFL-1.1-no-RFN,OGC-1.0,OGL-Canada-2.0,OGL-UK-1.0,OGL-UK-2.0,OGL-UK-3.0,OGTSL,OLDAP-1.1,OLDAP-1.2,OLDAP-1.3,OLDAP-1.4,OLDAP-2.0,OLDAP-2.0.1,OLDAP-2.1,OLDAP-2.2,OLDAP-2.2.1,OLDAP-2.2.2,OLDAP-2.3,OLDAP-2.4,OLDAP-2.5,OLDAP-2.6,OLDAP-2.7,OLDAP-2.8,OML,OPL-1.0,OSET-PL-2.1,OSL-1.0,OSL-1.1,OSL-2.0,OSL-2.1,OSL-3.0,OpenSSL,PDDL-1.0,PHP-3.0,PHP-3.01,PSF-2.0,Parity-6.0.0,Parity-7.0.0,Plexus,PolyForm-Noncommercial-1.0.0,PolyForm-Small-Business-1.0.0,PostgreSQL,Python-2.0,QPL-1.0,Qhull,RHeCos-1.1,RPL-1.1,RPL-1.5,RPSL-1.0,RSA-MD,RSCPL,Rdisc,Ruby,SAX-PD,SCEA,SGI-B-1.0,SGI-B-1.1,SGI-B-2.0,SHL-0.5,SHL-0.51,SISSL,SISSL-1.2,SMLNJ,SMPPL,SNIA,SPL-1.0,SSH-OpenSSH,SSH-short,SSPL-1.0,SWL,Saxpath,Sendmail,Sendmail-8.23,SimPL-2.0,Sleepycat,Spencer-86,Spencer-94,Spencer-99,StandardML-NJ,SugarCRM-1.1.3,TAPR-OHL-1.0,TCL,TCP-wrappers,TMate,TORQUE-1.1,TOSL,TU-Berlin-1.0,TU-Berlin-2.0,UCL-1.0,UPL-1.0,Unicode-DFS-2015,Unicode-DFS-2016,Unicode-TOU,Unlicense,VOSTROM,VSL-1.0,Vim,W3C,W3C-19980720,W3C-20150513,WTFPL,Watcom-1.0,Wsuipa,X11,XFree86-1.1,XSkat,Xerox,Xnet,YPL-1.0,YPL-1.1,ZPL-1.1,ZPL-2.0,ZPL-2.1,Zed,Zend-2.0,Zimbra-1.3,Zimbra-1.4,Zlib,blessing,bzip2-1.0.5,bzip2-1.0.6,copyleft-next-0.3.0,copyleft-next-0.3.1,curl,diffmark,dvipdfm,eCos-2.0,eGenix,etalab-2.0,gSOAP-1.3b,gnuplot,iMatix,libpng-2.0,libselinux-1.0,libtiff,mpich2,psfrag,psutils,wxWindows,xinetd,xpp,zlib-acknowledgement]
Detected licenses of the dependant package.
Package name that the dependency refers to.
Line in which the package is declared.
Indicates if this package is unsupported by the remote package manager DB (e.g., due to a bad name or private package) (true) or not (false).
Package version, either explicitly specified in a manifest or resolved by the scanner.
vulnerabilities object[]
Vulnerabilities in the package.
Rules applied on the package.
Names of the distro binary package names (packages which are built from the source of the package).
Indicates if the vulnerability has a block effect (true) or not (false).
Additional information regarding the root cause for the vulnerability.
Indicates if this is a CRI-specific vulnerability (true) or not (false).
Indicates if the vulnerability is a custom vulnerability (e.g., openscap, sandbox) (true) or not (false).
CVE ID of the vulnerability (if applied).
CVSS score of the vulnerability.
Description of the vulnerability.
Specifies the time of discovery for the vulnerability.
Possible values: [,exploit-db,exploit-windows,cisa-kev]
ExploitType represents the source of an exploit
exploits object[]
Exploits represents the exploits data found for a CVE
Possible values: [poc,in-the-wild]
ExploitKind represents the kind of the exploit
Link is a link to information about the exploit.
Possible values: [,exploit-db,exploit-windows,cisa-kev]
ExploitType represents the source of an exploit
Date/time when the vulnerability was fixed (in Unix time).
Link to the vendor's fixed-version information.
Specifies the serverless layer ID in which the vulnerability was discovered.
Number of grace days left for a vulnerability, based on the configured grace period. Nil if no block vulnerability rule applies.
ID of the violation.
Date/time of the image layer to which the CVE belongs.
Vendor link to the CVE.
Name of the package that caused the vulnerability.
Version of the package that caused the vulnerability (or null).
Date/time when the vulnerability was published (in Unix time).
riskFactors object
RiskFactors maps the existence of vulnerability risk factors
Textual representation of the vulnerability's severity.
Vendor status for the vulnerability.
Possible values: [PCI,HIPAA,NIST SP 800-190,GDPR,DISA STIG]
List of templates with which the vulnerability is associated.
Description of the violation.
Compliance title.
Indicates if this is a Twistlock-specific vulnerability (true) or not (false).
Possible values: [container,image,host_config,daemon_config,daemon_config_files,security_operations,k8s_master,k8s_worker,k8s_federation,linux,windows,istio,serverless,custom,docker_stig,openshift_master,openshift_worker,application_control_linux]
Type represents the vulnerability type
Textual representation of the metric values used to score the vulnerability.
vulnTagInfos object[]
Tag information for the vulnerability.
Color is a hexadecimal representation of color code value
Tag comment in a specific vulnerability context.
Name of the tag.
distribution object
Distribution counts the number of vulnerabilities per type
.
.
.
.
.
Path to the file.
Possible values: [nodejs,gem,python,jar,package,windows,binary,nuget,go]
PackageType describes the package type
Indicates whether the scan passed or failed.
repository object
Repository is the metadata for a code repository
CI build.
Default branch in the repository, usually master.
Repository content digest. Used to indicate if the content of the repository has changed.
Full name that represents the repository (
CI job name.
Repository name.
GitHub username or organization name of the repository's owner.
Indicates if the repository is private (true) or not (false).
Size of the repository (in KB).
URL is the repository address.
Date/time when this repository was last scanned. The results might be from the DB and not updated if the repository contents have not changed.
Possible values: [github,CI]
CodeRepoProviderType is the type of provider for the code repository, e.g., GitHub, GitLab etc
Date/time when this repository was last updated.
vulnInfo object
ImageInfo contains image information collected during image scan
Secrets are paths to embedded secrets inside the image Note: capital letter JSON annotation is kept to avoid converting all images for backward-compatibility support.
allCompliance object
AllCompliance contains data regarding passed compliance checks
compliance object[]
Compliance are all the passed compliance checks.
Rules applied on the package.
Names of the distro binary package names (packages which are built from the source of the package).
Indicates if the vulnerability has a block effect (true) or not (false).
Additional information regarding the root cause for the vulnerability.
Indicates if this is a CRI-specific vulnerability (true) or not (false).
Indicates if the vulnerability is a custom vulnerability (e.g., openscap, sandbox) (true) or not (false).
CVE ID of the vulnerability (if applied).
CVSS score of the vulnerability.
Description of the vulnerability.
Specifies the time of discovery for the vulnerability.
Possible values: [,exploit-db,exploit-windows,cisa-kev]
ExploitType represents the source of an exploit
exploits object[]
Exploits represents the exploits data found for a CVE
Possible values: [poc,in-the-wild]
ExploitKind represents the kind of the exploit
Link is a link to information about the exploit.
Possible values: [,exploit-db,exploit-windows,cisa-kev]
ExploitType represents the source of an exploit
Date/time when the vulnerability was fixed (in Unix time).
Link to the vendor's fixed-version information.
Specifies the serverless layer ID in which the vulnerability was discovered.
Number of grace days left for a vulnerability, based on the configured grace period. Nil if no block vulnerability rule applies.
ID of the violation.
Date/time of the image layer to which the CVE belongs.
Vendor link to the CVE.
Name of the package that caused the vulnerability.
Version of the package that caused the vulnerability (or null).
Date/time when the vulnerability was published (in Unix time).
riskFactors object
RiskFactors maps the existence of vulnerability risk factors
Textual representation of the vulnerability's severity.
Vendor status for the vulnerability.
Possible values: [PCI,HIPAA,NIST SP 800-190,GDPR,DISA STIG]
List of templates with which the vulnerability is associated.
Description of the violation.
Compliance title.
Indicates if this is a Twistlock-specific vulnerability (true) or not (false).
Possible values: [container,image,host_config,daemon_config,daemon_config_files,security_operations,k8s_master,k8s_worker,k8s_federation,linux,windows,istio,serverless,custom,docker_stig,openshift_master,openshift_worker,application_control_linux]
Type represents the vulnerability type
Textual representation of the metric values used to score the vulnerability.
vulnTagInfos object[]
Tag information for the vulnerability.
Color is a hexadecimal representation of color code value
Tag comment in a specific vulnerability context.
Name of the tag.
Enabled indicates whether passed compliance checks is enabled by policy.
applications object[]
Products in the image.
Indicates that the app was installed as an OS package.
Total number of vulnerabilities for this application.
Image layer to which the application belongs - layer creation time.
Name of the application.
Path of the detected application.
Service indicates whether the application is installed as a service.
Version of the application.
Image’s base image name. Used when filtering the vulnerabilities by base images.
binaries object[]
Binaries in the image.
Indicates if the binary was installed from a package manager and modified/replaced (true) or not (false).
Total number of CVEs for this specific binary.
Third-party package files which are used by the binary.
ID of the serverless layer in which the package was discovered.
Md5 hashset of the binary.
Indicates if this binary is not related to any package (true) or not (false).
Name of the binary.
Relative path of the binary inside the container.
Path for searching packages used by the binary.
Names of services which use the binary.
Version of the binary.
cloudMetadata object
CloudMetadata is the metadata for an instance running in a cloud provider (AWS/GCP/Azure)
Cloud account ID.
AWS execution environment (e.g. EC2/Fargate).
Image name.
labels object[]
Cloud provider metadata labels.
Label key.
Source name (e.g., for a namespace, the source name can be 'twistlock').
Possible values: [namespace,deployment,aws,azure,gcp,oci]
ExternalLabelSourceType indicates the source of the labels
Time when the label was fetched.
Value of the label.
Instance name.
Possible values: [aws,azure,gcp,alibaba,oci,others]
CloudProvider represents the cloud provider
Instance region.
Unique ID of the resource.
Server-defined URL for the resource.
Instance type.
Azure unique vm ID.
VMImageID holds the VM image ID.
Possible values: [AKS,ECS,EKS,GKE,Kubernetes]
ClusterType is the cluster type
Cluster names.
complianceDistribution object
Distribution counts the number of vulnerabilities per type
.
.
.
.
.
complianceIssues object[]
All the compliance issues.
Rules applied on the package.
Names of the distro binary package names (packages which are built from the source of the package).
Indicates if the vulnerability has a block effect (true) or not (false).
Additional information regarding the root cause for the vulnerability.
Indicates if this is a CRI-specific vulnerability (true) or not (false).
Indicates if the vulnerability is a custom vulnerability (e.g., openscap, sandbox) (true) or not (false).
CVE ID of the vulnerability (if applied).
CVSS score of the vulnerability.
Description of the vulnerability.
Specifies the time of discovery for the vulnerability.
Possible values: [,exploit-db,exploit-windows,cisa-kev]
ExploitType represents the source of an exploit
exploits object[]
Exploits represents the exploits data found for a CVE
Possible values: [poc,in-the-wild]
ExploitKind represents the kind of the exploit
Link is a link to information about the exploit.
Possible values: [,exploit-db,exploit-windows,cisa-kev]
ExploitType represents the source of an exploit
Date/time when the vulnerability was fixed (in Unix time).
Link to the vendor's fixed-version information.
Specifies the serverless layer ID in which the vulnerability was discovered.
Number of grace days left for a vulnerability, based on the configured grace period. Nil if no block vulnerability rule applies.
ID of the violation.
Date/time of the image layer to which the CVE belongs.
Vendor link to the CVE.
Name of the package that caused the vulnerability.
Version of the package that caused the vulnerability (or null).
Date/time when the vulnerability was published (in Unix time).
riskFactors object
RiskFactors maps the existence of vulnerability risk factors
Textual representation of the vulnerability's severity.
Vendor status for the vulnerability.
Possible values: [PCI,HIPAA,NIST SP 800-190,GDPR,DISA STIG]
List of templates with which the vulnerability is associated.
Description of the violation.
Compliance title.
Indicates if this is a Twistlock-specific vulnerability (true) or not (false).
Possible values: [container,image,host_config,daemon_config,daemon_config_files,security_operations,k8s_master,k8s_worker,k8s_federation,linux,windows,istio,serverless,custom,docker_stig,openshift_master,openshift_worker,application_control_linux]
Type represents the vulnerability type
Textual representation of the metric values used to score the vulnerability.
vulnTagInfos object[]
Tag information for the vulnerability.
Color is a hexadecimal representation of color code value
Tag comment in a specific vulnerability context.
Name of the tag.
Number of compliance issues.
Compliance risk score for the image.
Specifies the time of creation for the latest version of the image.
Full name of the distribution.
ECS cluster name.
externalLabels object[]
Kubernetes external labels of all containers running this image.
Label key.
Source name (e.g., for a namespace, the source name can be 'twistlock').
Possible values: [namespace,deployment,aws,azure,gcp,oci]
ExternalLabelSourceType indicates the source of the labels
Time when the label was fetched.
Value of the label.
files object[]
Files in the container.
Hash sum of the file using md5.
Path of the file.
Hash sum of the file using SHA-1.
Hash sum of the file using SHA256.
Specifies the time of the scan for the first version of the image. This time is preserved even after the version update.
history object[]
Docker image history.
Indicates if this layer originated from the base image (true) or not (false).
Date/time when the image layer was created.
Indicates if this instruction didn't create a separate layer (true) or not (false).
ID of the layer.
Docker file instruction and arguments used to create this layer.
Size of the layer (in bytes).
Holds the image tags.
vulnerabilities object[]
Vulnerabilities which originated from this layer.
Rules applied on the package.
Names of the distro binary package names (packages which are built from the source of the package).
Indicates if the vulnerability has a block effect (true) or not (false).
Additional information regarding the root cause for the vulnerability.
Indicates if this is a CRI-specific vulnerability (true) or not (false).
Indicates if the vulnerability is a custom vulnerability (e.g., openscap, sandbox) (true) or not (false).
CVE ID of the vulnerability (if applied).
CVSS score of the vulnerability.
Description of the vulnerability.
Specifies the time of discovery for the vulnerability.
Possible values: [,exploit-db,exploit-windows,cisa-kev]
ExploitType represents the source of an exploit
exploits object[]
Exploits represents the exploits data found for a CVE
Possible values: [poc,in-the-wild]
ExploitKind represents the kind of the exploit
Link is a link to information about the exploit.
Possible values: [,exploit-db,exploit-windows,cisa-kev]
ExploitType represents the source of an exploit
Date/time when the vulnerability was fixed (in Unix time).
Link to the vendor's fixed-version information.
Specifies the serverless layer ID in which the vulnerability was discovered.
Number of grace days left for a vulnerability, based on the configured grace period. Nil if no block vulnerability rule applies.
ID of the violation.
Date/time of the image layer to which the CVE belongs.
Vendor link to the CVE.
Name of the package that caused the vulnerability.
Version of the package that caused the vulnerability (or null).
Date/time when the vulnerability was published (in Unix time).
riskFactors object
RiskFactors maps the existence of vulnerability risk factors
Textual representation of the vulnerability's severity.
Vendor status for the vulnerability.
Possible values: [PCI,HIPAA,NIST SP 800-190,GDPR,DISA STIG]
List of templates with which the vulnerability is associated.
Description of the violation.
Compliance title.
Indicates if this is a Twistlock-specific vulnerability (true) or not (false).
Possible values: [container,image,host_config,daemon_config,daemon_config_files,security_operations,k8s_master,k8s_worker,k8s_federation,linux,windows,istio,serverless,custom,docker_stig,openshift_master,openshift_worker,application_control_linux]
Type represents the vulnerability type
Textual representation of the metric values used to score the vulnerability.
vulnTagInfos object[]
Tag information for the vulnerability.
Color is a hexadecimal representation of color code value
Tag comment in a specific vulnerability context.
Name of the tag.
hostDevices object[]
Map from host network device name to IP address.
Network device IPv4 address.
Network device name.
Image ID.
image object
Image represents a container image
Date/time when the image was created.
Combined entrypoint of the image (entrypoint + CMD).
Image environment variables.
Indicates if health checks are enabled (true) or not (false).
history object[]
Holds the image history.
Indicates if this layer originated from the base image (true) or not (false).
Date/time when the image layer was created.
Indicates if this instruction didn't create a separate layer (true) or not (false).
ID of the layer.
Docker file instruction and arguments used to create this layer.
Size of the layer (in bytes).
Holds the image tags.
vulnerabilities object[]
Vulnerabilities which originated from this layer.
Rules applied on the package.
Names of the distro binary package names (packages which are built from the source of the package).
Indicates if the vulnerability has a block effect (true) or not (false).
Additional information regarding the root cause for the vulnerability.
Indicates if this is a CRI-specific vulnerability (true) or not (false).
Indicates if the vulnerability is a custom vulnerability (e.g., openscap, sandbox) (true) or not (false).
CVE ID of the vulnerability (if applied).
CVSS score of the vulnerability.
Description of the vulnerability.
Specifies the time of discovery for the vulnerability.
Possible values: [,exploit-db,exploit-windows,cisa-kev]
ExploitType represents the source of an exploit
exploits object[]
Exploits represents the exploits data found for a CVE
Possible values: [poc,in-the-wild]
ExploitKind represents the kind of the exploit
Link is a link to information about the exploit.
Possible values: [,exploit-db,exploit-windows,cisa-kev]
ExploitType represents the source of an exploit
Date/time when the vulnerability was fixed (in Unix time).
Link to the vendor's fixed-version information.
Specifies the serverless layer ID in which the vulnerability was discovered.
Number of grace days left for a vulnerability, based on the configured grace period. Nil if no block vulnerability rule applies.
ID of the violation.
Date/time of the image layer to which the CVE belongs.
Vendor link to the CVE.
Name of the package that caused the vulnerability.
Version of the package that caused the vulnerability (or null).
Date/time when the vulnerability was published (in Unix time).
riskFactors object
RiskFactors maps the existence of vulnerability risk factors
Textual representation of the vulnerability's severity.
Vendor status for the vulnerability.
Possible values: [PCI,HIPAA,NIST SP 800-190,GDPR,DISA STIG]
List of templates with which the vulnerability is associated.
Description of the violation.
Compliance title.
Indicates if this is a Twistlock-specific vulnerability (true) or not (false).
Possible values: [container,image,host_config,daemon_config,daemon_config_files,security_operations,k8s_master,k8s_worker,k8s_federation,linux,windows,istio,serverless,custom,docker_stig,openshift_master,openshift_worker,application_control_linux]
Type represents the vulnerability type
Textual representation of the metric values used to score the vulnerability.
vulnTagInfos object[]
Tag information for the vulnerability.
Color is a hexadecimal representation of color code value
Tag comment in a specific vulnerability context.
Name of the tag.
ID of the image.
labels object
Image labels.
Image filesystem layers.
Image os type.
Image repo digests.
Image repo tags.
Image user.
Base working directory of the image.
installedProducts object
InstalledProducts contains data regarding products running in environment TODO #34713: Swarm support was deprecated in Joule, remove swarm node/manager boolean (and related compliance) in Lagrange
Agentless indicates whether the scan was performed with agentless approach.
Apache indicates the apache server version, empty in case apache not running.
AWSCloud indicates whether AWS cloud is used.
CRI indicates whether the container runtime is CRI (and not docker).
Docker represents the docker daemon version.
DockerEnterprise indicates whether the enterprise version of Docker is installed.
HasPackageManager indicates whether package manager is installed on the OS.
K8sAPIServer indicates whether a kubernetes API server is running.
K8sControllerManager indicates whether a kubernetes controller manager is running.
K8sEtcd indicates whether etcd is running.
K8sFederationAPIServer indicates whether a federation API server is running.
K8sFederationControllerManager indicates whether a federation controller manager is running.
K8sKubelet indicates whether kubelet is running.
K8sProxy indicates whether a kubernetes proxy is running.
K8sScheduler indicates whether the kubernetes scheduler is running.
Kubernetes represents the kubernetes version.
Openshift indicates whether openshift is deployed.
OpenshiftVersion represents the running openshift version.
OSDistro specifies the os distribution.
Serverless indicates whether evaluated on a serverless environment.
SwarmManager indicates whether a swarm manager is running.
SwarmNode indicates whether the node is part of an active swarm.
IsARM64 indicates if the architecture of the image is aarch64.
Endpoint of the Kubernetes API server.
Image labels.
Image's filesystem layers. Each layer is a SHA256 digest of the filesystem diff See: https://windsock.io/explaining-docker-image-ids/.
Indicates if the image OS is covered in the IS (true) or not (false).
k8s namespaces of all the containers running this image.
Name of the OS distribution.
OS distribution release.
OS distribution version.
PackageCorrelationDone indicates that the correlation to OS packages has been done.
Indicates if the package manager is installed for the OS.
packages object[]
Packages which exist in the image.
pkgs object[]
List of packages.
Indexes of the top binaries which use the package.
Names of the distro binary packages (packages which are built on the source of the package).
Total number of CVEs for this specific package.
files object[]
List of package-related files and their hashes. Only included when the appropriate scan option is set.
Hash sum of the file using md5.
Path of the file.
Hash sum of the file using SHA-1.
Hash sum of the file using SHA256.
ID of the serverless layer in which the package was discovered.
GoPkg indicates this is a Go package (and not module).
JarIdentifier holds an additional identification detail of a JAR package.
Image layer to which the package belongs (layer creation time).
License information for the package.
Name of the package.
OSPackage indicates that a python/java package was installed as an OS package.
Full package path (e.g., JAR or Node.js package path).
Package version.
Possible values: [nodejs,gem,python,jar,package,windows,binary,nuget,go]
PackageType describes the package type
PushTime is the image push time to the registry.
IBM cloud namespace to which the image belongs.
RegistryType indicates the registry type where the image is stored.
Digests of the image. Used for content trust (notary). Has one digest per tag.
repoTag object
ImageTag represents an image repository and its associated tag or registry digest
Image digest (requires V2 or later registry).
ID of the image.
Registry name to which the image belongs.
Repository name to which the image belongs.
Image tag.
RhelRepositories are the (RPM) repositories IDs from which the packages in this image were installed Used for matching vulnerabilities by Red Hat CPEs.
riskFactors object
RiskFactors maps the existence of vulnerability risk factors
Scanner build date that published the image.
Scanner version that published the image.
startupBinaries object[]
Binaries which are expected to run when the container is created from this image.
Indicates if the binary was installed from a package manager and modified/replaced (true) or not (false).
Total number of CVEs for this specific binary.
Third-party package files which are used by the binary.
ID of the serverless layer in which the package was discovered.
Md5 hashset of the binary.
Indicates if this binary is not related to any package (true) or not (false).
Name of the binary.
Relative path of the binary inside the container.
Path for searching packages used by the binary.
Names of services which use the binary.
Version of the binary.
tags object[]
Tags associated with the given image.
Image digest (requires V2 or later registry).
ID of the image.
Registry name to which the image belongs.
Repository name to which the image belongs.
Image tag.
SHA256 of the image's last layer that is the last element of the Layers field.
Indicates if the image is a Twistlock image (true) or not (false).
vulnerabilities object[]
CVE vulnerabilities of the image.
Rules applied on the package.
Names of the distro binary package names (packages which are built from the source of the package).
Indicates if the vulnerability has a block effect (true) or not (false).
Additional information regarding the root cause for the vulnerability.
Indicates if this is a CRI-specific vulnerability (true) or not (false).
Indicates if the vulnerability is a custom vulnerability (e.g., openscap, sandbox) (true) or not (false).
CVE ID of the vulnerability (if applied).
CVSS score of the vulnerability.
Description of the vulnerability.
Specifies the time of discovery for the vulnerability.
Possible values: [,exploit-db,exploit-windows,cisa-kev]
ExploitType represents the source of an exploit
exploits object[]
Exploits represents the exploits data found for a CVE
Possible values: [poc,in-the-wild]
ExploitKind represents the kind of the exploit
Link is a link to information about the exploit.
Possible values: [,exploit-db,exploit-windows,cisa-kev]
ExploitType represents the source of an exploit
Date/time when the vulnerability was fixed (in Unix time).
Link to the vendor's fixed-version information.
Specifies the serverless layer ID in which the vulnerability was discovered.
Number of grace days left for a vulnerability, based on the configured grace period. Nil if no block vulnerability rule applies.
ID of the violation.
Date/time of the image layer to which the CVE belongs.
Vendor link to the CVE.
Name of the package that caused the vulnerability.
Version of the package that caused the vulnerability (or null).
Date/time when the vulnerability was published (in Unix time).
riskFactors object
RiskFactors maps the existence of vulnerability risk factors
Textual representation of the vulnerability's severity.
Vendor status for the vulnerability.
Possible values: [PCI,HIPAA,NIST SP 800-190,GDPR,DISA STIG]
List of templates with which the vulnerability is associated.
Description of the violation.
Compliance title.
Indicates if this is a Twistlock-specific vulnerability (true) or not (false).
Possible values: [container,image,host_config,daemon_config,daemon_config_files,security_operations,k8s_master,k8s_worker,k8s_federation,linux,windows,istio,serverless,custom,docker_stig,openshift_master,openshift_worker,application_control_linux]
Type represents the vulnerability type
Textual representation of the metric values used to score the vulnerability.
vulnTagInfos object[]
Tag information for the vulnerability.
Color is a hexadecimal representation of color code value
Tag comment in a specific vulnerability context.
Name of the tag.
Total number of vulnerabilities.
vulnerabilityDistribution object
Distribution counts the number of vulnerabilities per type
.
.
.
.
.
Image's CVE risk score.
Code repository's CVE risk score. Used for sorting.
Counts how many files have vulnerabilities. Vulnerability info is calculated on demand.
[
{
"_id": "string",
"collections": [
"string"
],
"complianceRiskScore": 0,
"files": [
{
"dependencies": [
{
"devDependency": true,
"lastResolved": "2023-11-20T16:36:44.237Z",
"licenseSeverity": "string",
"licenses": [
[
"0BSD",
"AAL",
"ADSL",
"AFL-1.1",
"AFL-1.2",
"AFL-2.0",
"AFL-2.1",
"AFL-3.0",
"AGPL-1.0",
"AGPL-1.0-only",
"AGPL-1.0-or-later",
"AGPL-3.0",
"AGPL-3.0-only",
"AGPL-3.0-or-later",
"AMDPLPA",
"AML",
"AMPAS",
"ANTLR-PD",
"ANTLR-PD-fallback",
"APAFML",
"APL-1.0",
"APSL-1.0",
"APSL-1.1",
"APSL-1.2",
"APSL-2.0",
"Abstyles",
"Adobe-2006",
"Adobe-Glyph",
"Afmparse",
"Aladdin",
"Apache-1.0",
"Apache-1.1",
"Apache-2.0",
"Artistic-1.0",
"Artistic-1.0-Perl",
"Artistic-1.0-cl8",
"Artistic-2.0",
"BSD-1-Clause",
"BSD-2-Clause",
"BSD-2-Clause-FreeBSD",
"BSD-2-Clause-NetBSD",
"BSD-2-Clause-Patent",
"BSD-2-Clause-Views",
"BSD-3-Clause",
"BSD-3-Clause-Attribution",
"BSD-3-Clause-Clear",
"BSD-3-Clause-LBNL",
"BSD-3-Clause-No-Nuclear-License",
"BSD-3-Clause-No-Nuclear-License-2014",
"BSD-3-Clause-No-Nuclear-Warranty",
"BSD-3-Clause-Open-MPI",
"BSD-4-Clause",
"BSD-4-Clause-UC",
"BSD-Protection",
"BSD-Source-Code",
"BSL-1.0",
"BUSL-1.1",
"Bahyph",
"Barr",
"Beerware",
"BitTorrent-1.0",
"BitTorrent-1.1",
"BlueOak-1.0.0",
"Borceux",
"CAL-1.0",
"CAL-1.0-Combined-Work-Exception",
"CATOSL-1.1",
"CC-BY-1.0",
"CC-BY-2.0",
"CC-BY-2.5",
"CC-BY-3.0",
"CC-BY-3.0-AT",
"CC-BY-3.0-US",
"CC-BY-4.0",
"CC-BY-NC-1.0",
"CC-BY-NC-2.0",
"CC-BY-NC-2.5",
"CC-BY-NC-3.0",
"CC-BY-NC-4.0",
"CC-BY-NC-ND-1.0",
"CC-BY-NC-ND-2.0",
"CC-BY-NC-ND-2.5",
"CC-BY-NC-ND-3.0",
"CC-BY-NC-ND-3.0-IGO",
"CC-BY-NC-ND-4.0",
"CC-BY-NC-SA-1.0",
"CC-BY-NC-SA-2.0",
"CC-BY-NC-SA-2.5",
"CC-BY-NC-SA-3.0",
"CC-BY-NC-SA-4.0",
"CC-BY-ND-1.0",
"CC-BY-ND-2.0",
"CC-BY-ND-2.5",
"CC-BY-ND-3.0",
"CC-BY-ND-4.0",
"CC-BY-SA-1.0",
"CC-BY-SA-2.0",
"CC-BY-SA-2.0-UK",
"CC-BY-SA-2.5",
"CC-BY-SA-3.0",
"CC-BY-SA-3.0-AT",
"CC-BY-SA-4.0",
"CC-PDDC",
"CC0-1.0",
"CDDL-1.0",
"CDDL-1.1",
"CDLA-Permissive-1.0",
"CDLA-Sharing-1.0",
"CECILL-1.0",
"CECILL-1.1",
"CECILL-2.0",
"CECILL-2.1",
"CECILL-B",
"CECILL-C",
"CERN-OHL-1.1",
"CERN-OHL-1.2",
"CERN-OHL-P-2.0",
"CERN-OHL-S-2.0",
"CERN-OHL-W-2.0",
"CNRI-Jython",
"CNRI-Python",
"CNRI-Python-GPL-Compatible",
"CPAL-1.0",
"CPL-1.0",
"CPOL-1.02",
"CUA-OPL-1.0",
"Caldera",
"ClArtistic",
"Condor-1.1",
"Crossword",
"CrystalStacker",
"Cube",
"D-FSL-1.0",
"DOC",
"DSDP",
"Dotseqn",
"ECL-1.0",
"ECL-2.0",
"EFL-1.0",
"EFL-2.0",
"EPICS",
"EPL-1.0",
"EPL-2.0",
"EUDatagrid",
"EUPL-1.0",
"EUPL-1.1",
"EUPL-1.2",
"Entessa",
"ErlPL-1.1",
"Eurosym",
"FSFAP",
"FSFUL",
"FSFULLR",
"FTL",
"Fair",
"Frameworx-1.0",
"FreeImage",
"GFDL-1.1",
"GFDL-1.1-invariants-only",
"GFDL-1.1-invariants-or-later",
"GFDL-1.1-no-invariants-only",
"GFDL-1.1-no-invariants-or-later",
"GFDL-1.1-only",
"GFDL-1.1-or-later",
"GFDL-1.2",
"GFDL-1.2-invariants-only",
"GFDL-1.2-invariants-or-later",
"GFDL-1.2-no-invariants-only",
"GFDL-1.2-no-invariants-or-later",
"GFDL-1.2-only",
"GFDL-1.2-or-later",
"GFDL-1.3",
"GFDL-1.3-invariants-only",
"GFDL-1.3-invariants-or-later",
"GFDL-1.3-no-invariants-only",
"GFDL-1.3-no-invariants-or-later",
"GFDL-1.3-only",
"GFDL-1.3-or-later",
"GL2PS",
"GLWTPL",
"GPL-1.0",
"GPL-1.0+",
"GPL-1.0-only",
"GPL-1.0-or-later",
"GPL-2.0",
"GPL-2.0+",
"GPL-2.0-only",
"GPL-2.0-or-later",
"GPL-2.0-with-GCC-exception",
"GPL-2.0-with-autoconf-exception",
"GPL-2.0-with-bison-exception",
"GPL-2.0-with-classpath-exception",
"GPL-2.0-with-font-exception",
"GPL-3.0",
"GPL-3.0+",
"GPL-3.0-only",
"GPL-3.0-or-later",
"GPL-3.0-with-GCC-exception",
"GPL-3.0-with-autoconf-exception",
"Giftware",
"Glide",
"Glulxe",
"HPND",
"HPND-sell-variant",
"HTMLTIDY",
"HaskellReport",
"Hippocratic-2.1",
"IBM-pibs",
"ICU",
"IJG",
"IPA",
"IPL-1.0",
"ISC",
"ImageMagick",
"Imlib2",
"Info-ZIP",
"Intel",
"Intel-ACPI",
"Interbase-1.0",
"JPNIC",
"JSON",
"JasPer-2.0",
"LAL-1.2",
"LAL-1.3",
"LGPL-2.0",
"LGPL-2.0+",
"LGPL-2.0-only",
"LGPL-2.0-or-later",
"LGPL-2.1",
"LGPL-2.1+",
"LGPL-2.1-only",
"LGPL-2.1-or-later",
"LGPL-3.0",
"LGPL-3.0+",
"LGPL-3.0-only",
"LGPL-3.0-or-later",
"LGPLLR",
"LPL-1.0",
"LPL-1.02",
"LPPL-1.0",
"LPPL-1.1",
"LPPL-1.2",
"LPPL-1.3a",
"LPPL-1.3c",
"Latex2e",
"Leptonica",
"LiLiQ-P-1.1",
"LiLiQ-R-1.1",
"LiLiQ-Rplus-1.1",
"Libpng",
"Linux-OpenIB",
"MIT",
"MIT-0",
"MIT-CMU",
"MIT-advertising",
"MIT-enna",
"MIT-feh",
"MIT-open-group",
"MITNFA",
"MPL-1.0",
"MPL-1.1",
"MPL-2.0",
"MPL-2.0-no-copyleft-exception",
"MS-PL",
"MS-RL",
"MTLL",
"MakeIndex",
"MirOS",
"Motosoto",
"MulanPSL-1.0",
"MulanPSL-2.0",
"Multics",
"Mup",
"NASA-1.3",
"NBPL-1.0",
"NCGL-UK-2.0",
"NCSA",
"NGPL",
"NIST-PD",
"NIST-PD-fallback",
"NLOD-1.0",
"NLPL",
"NOSL",
"NPL-1.0",
"NPL-1.1",
"NPOSL-3.0",
"NRL",
"NTP",
"NTP-0",
"Naumen",
"Net-SNMP",
"NetCDF",
"Newsletr",
"Nokia",
"Noweb",
"Nunit",
"O-UDA-1.0",
"OCCT-PL",
"OCLC-2.0",
"ODC-By-1.0",
"ODbL-1.0",
"OFL-1.0",
"OFL-1.0-RFN",
"OFL-1.0-no-RFN",
"OFL-1.1",
"OFL-1.1-RFN",
"OFL-1.1-no-RFN",
"OGC-1.0",
"OGL-Canada-2.0",
"OGL-UK-1.0",
"OGL-UK-2.0",
"OGL-UK-3.0",
"OGTSL",
"OLDAP-1.1",
"OLDAP-1.2",
"OLDAP-1.3",
"OLDAP-1.4",
"OLDAP-2.0",
"OLDAP-2.0.1",
"OLDAP-2.1",
"OLDAP-2.2",
"OLDAP-2.2.1",
"OLDAP-2.2.2",
"OLDAP-2.3",
"OLDAP-2.4",
"OLDAP-2.5",
"OLDAP-2.6",
"OLDAP-2.7",
"OLDAP-2.8",
"OML",
"OPL-1.0",
"OSET-PL-2.1",
"OSL-1.0",
"OSL-1.1",
"OSL-2.0",
"OSL-2.1",
"OSL-3.0",
"OpenSSL",
"PDDL-1.0",
"PHP-3.0",
"PHP-3.01",
"PSF-2.0",
"Parity-6.0.0",
"Parity-7.0.0",
"Plexus",
"PolyForm-Noncommercial-1.0.0",
"PolyForm-Small-Business-1.0.0",
"PostgreSQL",
"Python-2.0",
"QPL-1.0",
"Qhull",
"RHeCos-1.1",
"RPL-1.1",
"RPL-1.5",
"RPSL-1.0",
"RSA-MD",
"RSCPL",
"Rdisc",
"Ruby",
"SAX-PD",
"SCEA",
"SGI-B-1.0",
"SGI-B-1.1",
"SGI-B-2.0",
"SHL-0.5",
"SHL-0.51",
"SISSL",
"SISSL-1.2",
"SMLNJ",
"SMPPL",
"SNIA",
"SPL-1.0",
"SSH-OpenSSH",
"SSH-short",
"SSPL-1.0",
"SWL",
"Saxpath",
"Sendmail",
"Sendmail-8.23",
"SimPL-2.0",
"Sleepycat",
"Spencer-86",
"Spencer-94",
"Spencer-99",
"StandardML-NJ",
"SugarCRM-1.1.3",
"TAPR-OHL-1.0",
"TCL",
"TCP-wrappers",
"TMate",
"TORQUE-1.1",
"TOSL",
"TU-Berlin-1.0",
"TU-Berlin-2.0",
"UCL-1.0",
"UPL-1.0",
"Unicode-DFS-2015",
"Unicode-DFS-2016",
"Unicode-TOU",
"Unlicense",
"VOSTROM",
"VSL-1.0",
"Vim",
"W3C",
"W3C-19980720",
"W3C-20150513",
"WTFPL",
"Watcom-1.0",
"Wsuipa",
"X11",
"XFree86-1.1",
"XSkat",
"Xerox",
"Xnet",
"YPL-1.0",
"YPL-1.1",
"ZPL-1.1",
"ZPL-2.0",
"ZPL-2.1",
"Zed",
"Zend-2.0",
"Zimbra-1.3",
"Zimbra-1.4",
"Zlib",
"blessing",
"bzip2-1.0.5",
"bzip2-1.0.6",
"copyleft-next-0.3.0",
"copyleft-next-0.3.1",
"curl",
"diffmark",
"dvipdfm",
"eCos-2.0",
"eGenix",
"etalab-2.0",
"gSOAP-1.3b",
"gnuplot",
"iMatix",
"libpng-2.0",
"libselinux-1.0",
"libtiff",
"mpich2",
"psfrag",
"psutils",
"wxWindows",
"xinetd",
"xpp",
"zlib-acknowledgement"
]
],
"name": "string",
"rawRequirement": "string",
"unsupported": true,
"version": "string",
"vulnerabilities": [
{
"applicableRules": [
"string"
],
"binaryPkgs": [
"string"
],
"block": true,
"cause": "string",
"cri": true,
"custom": true,
"cve": "string",
"cvss": 0,
"description": "string",
"discovered": "2023-11-20T16:36:44.237Z",
"exploit": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
],
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"fixDate": 0,
"fixLink": "string",
"functionLayer": "string",
"gracePeriodDays": 0,
"id": 0,
"layerTime": 0,
"link": "string",
"packageName": "string",
"packageVersion": "string",
"published": 0,
"riskFactors": {},
"severity": "string",
"status": "string",
"templates": [
[
"PCI",
"HIPAA",
"NIST SP 800-190",
"GDPR",
"DISA STIG"
]
],
"text": "string",
"title": "string",
"twistlock": true,
"type": [
"container",
"image",
"host_config",
"daemon_config",
"daemon_config_files",
"security_operations",
"k8s_master",
"k8s_worker",
"k8s_federation",
"linux",
"windows",
"istio",
"serverless",
"custom",
"docker_stig",
"openshift_master",
"openshift_worker",
"application_control_linux"
],
"vecStr": "string",
"vulnTagInfos": [
{
"color": "string",
"comment": "string",
"name": "string"
}
]
}
]
}
],
"distribution": {
"critical": 0,
"high": 0,
"low": 0,
"medium": 0,
"total": 0
},
"path": "string",
"type": [
"nodejs",
"gem",
"python",
"jar",
"package",
"windows",
"binary",
"nuget",
"go"
]
}
],
"pass": true,
"repository": {
"build": "string",
"defaultBranch": "string",
"digest": "string",
"fullName": "string",
"jobName": "string",
"name": "string",
"owner": "string",
"private": true,
"size": 0,
"url": "string"
},
"scanTime": "2023-11-20T16:36:44.237Z",
"type": [
"github",
"CI"
],
"updateTime": "2023-11-20T16:36:44.237Z",
"vulnInfo": {
"Secrets": [
"string"
],
"allCompliance": {
"compliance": [
{
"applicableRules": [
"string"
],
"binaryPkgs": [
"string"
],
"block": true,
"cause": "string",
"cri": true,
"custom": true,
"cve": "string",
"cvss": 0,
"description": "string",
"discovered": "2023-11-20T16:36:44.238Z",
"exploit": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
],
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"fixDate": 0,
"fixLink": "string",
"functionLayer": "string",
"gracePeriodDays": 0,
"id": 0,
"layerTime": 0,
"link": "string",
"packageName": "string",
"packageVersion": "string",
"published": 0,
"riskFactors": {},
"severity": "string",
"status": "string",
"templates": [
[
"PCI",
"HIPAA",
"NIST SP 800-190",
"GDPR",
"DISA STIG"
]
],
"text": "string",
"title": "string",
"twistlock": true,
"type": [
"container",
"image",
"host_config",
"daemon_config",
"daemon_config_files",
"security_operations",
"k8s_master",
"k8s_worker",
"k8s_federation",
"linux",
"windows",
"istio",
"serverless",
"custom",
"docker_stig",
"openshift_master",
"openshift_worker",
"application_control_linux"
],
"vecStr": "string",
"vulnTagInfos": [
{
"color": "string",
"comment": "string",
"name": "string"
}
]
}
],
"enabled": true
},
"applications": [
{
"installedFromPackage": true,
"knownVulnerabilities": 0,
"layerTime": 0,
"name": "string",
"path": "string",
"service": true,
"version": "string"
}
],
"baseImage": "string",
"binaries": [
{
"altered": true,
"cveCount": 0,
"deps": [
"string"
],
"functionLayer": "string",
"md5": "string",
"missingPkg": true,
"name": "string",
"path": "string",
"pkgRootDir": "string",
"services": [
"string"
],
"version": "string"
}
],
"cloudMetadata": {
"accountID": "string",
"awsExecutionEnv": "string",
"image": "string",
"labels": [
{
"key": "string",
"sourceName": "string",
"sourceType": [
"namespace",
"deployment",
"aws",
"azure",
"gcp",
"oci"
],
"timestamp": "2023-11-20T16:36:44.238Z",
"value": "string"
}
],
"name": "string",
"provider": [
"aws",
"azure",
"gcp",
"alibaba",
"oci",
"others"
],
"region": "string",
"resourceID": "string",
"resourceURL": "string",
"type": "string",
"vmID": "string",
"vmImageID": "string"
},
"clusterType": [
"AKS",
"ECS",
"EKS",
"GKE",
"Kubernetes"
],
"clusters": [
"string"
],
"complianceDistribution": {
"critical": 0,
"high": 0,
"low": 0,
"medium": 0,
"total": 0
},
"complianceIssues": [
{
"applicableRules": [
"string"
],
"binaryPkgs": [
"string"
],
"block": true,
"cause": "string",
"cri": true,
"custom": true,
"cve": "string",
"cvss": 0,
"description": "string",
"discovered": "2023-11-20T16:36:44.238Z",
"exploit": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
],
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"fixDate": 0,
"fixLink": "string",
"functionLayer": "string",
"gracePeriodDays": 0,
"id": 0,
"layerTime": 0,
"link": "string",
"packageName": "string",
"packageVersion": "string",
"published": 0,
"riskFactors": {},
"severity": "string",
"status": "string",
"templates": [
[
"PCI",
"HIPAA",
"NIST SP 800-190",
"GDPR",
"DISA STIG"
]
],
"text": "string",
"title": "string",
"twistlock": true,
"type": [
"container",
"image",
"host_config",
"daemon_config",
"daemon_config_files",
"security_operations",
"k8s_master",
"k8s_worker",
"k8s_federation",
"linux",
"windows",
"istio",
"serverless",
"custom",
"docker_stig",
"openshift_master",
"openshift_worker",
"application_control_linux"
],
"vecStr": "string",
"vulnTagInfos": [
{
"color": "string",
"comment": "string",
"name": "string"
}
]
}
],
"complianceIssuesCount": 0,
"complianceRiskScore": 0,
"creationTime": "2023-11-20T16:36:44.238Z",
"distro": "string",
"ecsClusterName": "string",
"externalLabels": [
{
"key": "string",
"sourceName": "string",
"sourceType": [
"namespace",
"deployment",
"aws",
"azure",
"gcp",
"oci"
],
"timestamp": "2023-11-20T16:36:44.238Z",
"value": "string"
}
],
"files": [
{
"md5": "string",
"path": "string",
"sha1": "string",
"sha256": "string"
}
],
"firstScanTime": "2023-11-20T16:36:44.238Z",
"history": [
{
"baseLayer": true,
"created": 0,
"emptyLayer": true,
"id": "string",
"instruction": "string",
"sizeBytes": 0,
"tags": [
"string"
],
"vulnerabilities": [
{
"applicableRules": [
"string"
],
"binaryPkgs": [
"string"
],
"block": true,
"cause": "string",
"cri": true,
"custom": true,
"cve": "string",
"cvss": 0,
"description": "string",
"discovered": "2023-11-20T16:36:44.239Z",
"exploit": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
],
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"fixDate": 0,
"fixLink": "string",
"functionLayer": "string",
"gracePeriodDays": 0,
"id": 0,
"layerTime": 0,
"link": "string",
"packageName": "string",
"packageVersion": "string",
"published": 0,
"riskFactors": {},
"severity": "string",
"status": "string",
"templates": [
[
"PCI",
"HIPAA",
"NIST SP 800-190",
"GDPR",
"DISA STIG"
]
],
"text": "string",
"title": "string",
"twistlock": true,
"type": [
"container",
"image",
"host_config",
"daemon_config",
"daemon_config_files",
"security_operations",
"k8s_master",
"k8s_worker",
"k8s_federation",
"linux",
"windows",
"istio",
"serverless",
"custom",
"docker_stig",
"openshift_master",
"openshift_worker",
"application_control_linux"
],
"vecStr": "string",
"vulnTagInfos": [
{
"color": "string",
"comment": "string",
"name": "string"
}
]
}
]
}
],
"hostDevices": [
{
"ip": "string",
"name": "string"
}
],
"id": "string",
"image": {
"created": "2023-11-20T16:36:44.239Z",
"entrypoint": [
"string"
],
"env": [
"string"
],
"healthcheck": true,
"history": [
{
"baseLayer": true,
"created": 0,
"emptyLayer": true,
"id": "string",
"instruction": "string",
"sizeBytes": 0,
"tags": [
"string"
],
"vulnerabilities": [
{
"applicableRules": [
"string"
],
"binaryPkgs": [
"string"
],
"block": true,
"cause": "string",
"cri": true,
"custom": true,
"cve": "string",
"cvss": 0,
"description": "string",
"discovered": "2023-11-20T16:36:44.239Z",
"exploit": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
],
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"fixDate": 0,
"fixLink": "string",
"functionLayer": "string",
"gracePeriodDays": 0,
"id": 0,
"layerTime": 0,
"link": "string",
"packageName": "string",
"packageVersion": "string",
"published": 0,
"riskFactors": {},
"severity": "string",
"status": "string",
"templates": [
[
"PCI",
"HIPAA",
"NIST SP 800-190",
"GDPR",
"DISA STIG"
]
],
"text": "string",
"title": "string",
"twistlock": true,
"type": [
"container",
"image",
"host_config",
"daemon_config",
"daemon_config_files",
"security_operations",
"k8s_master",
"k8s_worker",
"k8s_federation",
"linux",
"windows",
"istio",
"serverless",
"custom",
"docker_stig",
"openshift_master",
"openshift_worker",
"application_control_linux"
],
"vecStr": "string",
"vulnTagInfos": [
{
"color": "string",
"comment": "string",
"name": "string"
}
]
}
]
}
],
"id": "string",
"labels": {},
"layers": [
"string"
],
"os": "string",
"repoDigest": [
"string"
],
"repoTags": [
"string"
],
"user": "string",
"workingDir": "string"
},
"installedProducts": {
"agentless": true,
"apache": "string",
"awsCloud": true,
"crio": true,
"docker": "string",
"dockerEnterprise": true,
"hasPackageManager": true,
"k8sApiServer": true,
"k8sControllerManager": true,
"k8sEtcd": true,
"k8sFederationApiServer": true,
"k8sFederationControllerManager": true,
"k8sKubelet": true,
"k8sProxy": true,
"k8sScheduler": true,
"kubernetes": "string",
"openshift": true,
"openshiftVersion": "string",
"osDistro": "string",
"serverless": true,
"swarmManager": true,
"swarmNode": true
},
"isARM64": true,
"k8sClusterAddr": "string",
"labels": [
"string"
],
"layers": [
"string"
],
"missingDistroVulnCoverage": true,
"namespaces": [
"string"
],
"osDistro": "string",
"osDistroRelease": "string",
"osDistroVersion": "string",
"packageCorrelationDone": true,
"packageManager": true,
"packages": [
{
"pkgs": [
{
"binaryIdx": [
0
],
"binaryPkgs": [
"string"
],
"cveCount": 0,
"files": [
{
"md5": "string",
"path": "string",
"sha1": "string",
"sha256": "string"
}
],
"functionLayer": "string",
"goPkg": true,
"jarIdentifier": "string",
"layerTime": 0,
"license": "string",
"name": "string",
"osPackage": true,
"path": "string",
"version": "string"
}
],
"pkgsType": [
"nodejs",
"gem",
"python",
"jar",
"package",
"windows",
"binary",
"nuget",
"go"
]
}
],
"pushTime": "2023-11-20T16:36:44.239Z",
"registryNamespace": "string",
"registryType": "string",
"repoDigests": [
"string"
],
"repoTag": {
"digest": "string",
"id": "string",
"registry": "string",
"repo": "string",
"tag": "string"
},
"rhelRepos": [
"string"
],
"riskFactors": {},
"scanBuildDate": "string",
"scanVersion": "string",
"startupBinaries": [
{
"altered": true,
"cveCount": 0,
"deps": [
"string"
],
"functionLayer": "string",
"md5": "string",
"missingPkg": true,
"name": "string",
"path": "string",
"pkgRootDir": "string",
"services": [
"string"
],
"version": "string"
}
],
"tags": [
{
"digest": "string",
"id": "string",
"registry": "string",
"repo": "string",
"tag": "string"
}
],
"topLayer": "string",
"twistlockImage": true,
"vulnerabilities": [
{
"applicableRules": [
"string"
],
"binaryPkgs": [
"string"
],
"block": true,
"cause": "string",
"cri": true,
"custom": true,
"cve": "string",
"cvss": 0,
"description": "string",
"discovered": "2023-11-20T16:36:44.240Z",
"exploit": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
],
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"fixDate": 0,
"fixLink": "string",
"functionLayer": "string",
"gracePeriodDays": 0,
"id": 0,
"layerTime": 0,
"link": "string",
"packageName": "string",
"packageVersion": "string",
"published": 0,
"riskFactors": {},
"severity": "string",
"status": "string",
"templates": [
[
"PCI",
"HIPAA",
"NIST SP 800-190",
"GDPR",
"DISA STIG"
]
],
"text": "string",
"title": "string",
"twistlock": true,
"type": [
"container",
"image",
"host_config",
"daemon_config",
"daemon_config_files",
"security_operations",
"k8s_master",
"k8s_worker",
"k8s_federation",
"linux",
"windows",
"istio",
"serverless",
"custom",
"docker_stig",
"openshift_master",
"openshift_worker",
"application_control_linux"
],
"vecStr": "string",
"vulnTagInfos": [
{
"color": "string",
"comment": "string",
"name": "string"
}
]
}
],
"vulnerabilitiesCount": 0,
"vulnerabilityDistribution": {
"critical": 0,
"high": 0,
"low": 0,
"medium": 0,
"total": 0
},
"vulnerabilityRiskScore": 0
},
"vulnerabilityRiskScore": 0,
"vulnerableFiles": 0
}
]