Container Registry API, gRPC: ScannerService.ListVulnerabilities
Retrieves the list of vulnerabilities found in particular scan.
gRPC request
rpc ListVulnerabilities (ListVulnerabilitiesRequest) returns (ListVulnerabilitiesResponse)
ListVulnerabilitiesRequest
{
"scanResultId": "string",
"pageSize": "int64",
"pageToken": "string",
"filter": "string",
"orderBy": "string"
}
Field |
Description |
scanResultId |
string Required field. ID of the ScanResult to get list of vulnerabilities for. |
pageSize |
int64 The maximum number of results per page to return. If the number of available |
pageToken |
string Page token. To get the next page of results, set |
filter |
string A filter expression that filters resources listed in the response.
|
orderBy |
string An order expression that orders resources listed in the response.
|
ListVulnerabilitiesResponse
{
"vulnerabilities": [
{
"severity": "Severity",
// Includes only one of the fields `package`
"package": {
"name": "string",
"link": "string",
"package": "string",
"source": "string",
"version": "string",
"fixedBy": "string",
"origin": "string",
"type": "string"
}
// end of the list of possible fields
}
],
"nextPageToken": "string"
}
Field |
Description |
vulnerabilities[] |
List of Vulnerability resources. |
nextPageToken |
string This token allows you to get the next page of results for list requests. If the number of results |
Vulnerability
A Vulnerability resource.
Field |
Description |
severity |
enum Severity Output only. Severity of the Vulnerability.
|
package |
Includes only one of the fields Details of vulnerability depending on type. Only |
PackageVulnerability
A PackageVulnerability resource.
Field |
Description |
name |
string Name of vulnerability in CVE database. |
link |
string URL to the page with description of vulnerability. |
package |
string The package name where vulnerability has been found. |
source |
string The package manager name. Ex.: yum, rpm, dpkg. |
version |
string The version of the package where vulnerability has been found. |
fixedBy |
string The version of the package where vulnerability has been fixed. |
origin |
string The place where vulnerability is originated (OS, lang package, etc.) |
type |
string The type of vulnerability origin - name of OS if origin="os" or package type (jar, gobinary, etc.) if origin="lang" |