Container Registry API, REST: Scanner.ListVulnerabilities
Retrieves the list of vulnerabilities found in particular scan.
HTTP request
GET https://container-registry.api.cloud.yandex.net/container-registry/v1/scans/{scanResultId}:listVulnerabilities
Path parameters
Field |
Description |
scanResultId |
string Required field. ID of the ScanResult to get list of vulnerabilities for. |
Query parameters
Field |
Description |
pageSize |
string (int64) The maximum number of results per page to return. If the number of available |
pageToken |
string Page token. To get the next page of results, set |
filter |
string A filter expression that filters resources listed in the response.
|
orderBy |
string An order expression that orders resources listed in the response.
|
Response
HTTP Code: 200 - OK
{
"vulnerabilities": [
{
"severity": "string",
// Includes only one of the fields `package`
"package": {
"name": "string",
"link": "string",
"package": "string",
"source": "string",
"version": "string",
"fixedBy": "string",
"origin": "string",
"type": "string"
}
// end of the list of possible fields
}
],
"nextPageToken": "string"
}
Field |
Description |
vulnerabilities[] |
List of Vulnerability resources. |
nextPageToken |
string This token allows you to get the next page of results for list requests. If the number of results |
Vulnerability
A Vulnerability resource.
Field |
Description |
severity |
enum (Severity) Output only. Severity of the Vulnerability.
|
package |
Includes only one of the fields Details of vulnerability depending on type. Only |
PackageVulnerability
A PackageVulnerability resource.
Field |
Description |
name |
string Name of vulnerability in CVE database. |
link |
string URL to the page with description of vulnerability. |
package |
string The package name where vulnerability has been found. |
source |
string The package manager name. Ex.: yum, rpm, dpkg. |
version |
string The version of the package where vulnerability has been found. |
fixedBy |
string The version of the package where vulnerability has been fixed. |
origin |
string The place where vulnerability is originated (OS, lang package, etc.) |
type |
string The type of vulnerability origin - name of OS if origin="os" or package type (jar, gobinary, etc.) if origin="lang" |