Help Center/ Host Security Service/ User Guide/ Risk Management/ Container Image Security/ Local Image Security Scan/ Managing the Local Image Vulnerability Whitelist
Updated on 2025-09-08 GMT+08:00
View PDF
Share

Managing the Local Image Vulnerability Whitelist

Scenarios

When adding a vulnerability to the whitelist, you need to specify the applicable scope of the whitelist item. If this item only applies to an image, the vulnerability will not be displayed in the scan results of this image, but will still be displayed under other images.

You can whitelist the image vulnerabilities that do not affect services.

You can add, modify, and delete local image vulnerabilities in the whitelist.

Adding a Local Image Vulnerability to the Whitelist

  1. Log in to the HSS console.
  2. Click in the upper left corner and select a region or project.
  3. In the navigation pane on the left, choose Risk Management > Container Images.
  4. In the upper right corner of the page, click Configure Whitelist.

    You can also locate a vulnerability in Risk View or Image View, and click Add to Whitelist in its Operation column.

  5. On the Local Images tab page, click Add Rule.
  6. On the Add Rule page, configure whitelist rule parameters. For details, see Table 1.

    Table 1 Vulnerability whitelist rule parameters

    Parameter

    Description

    Example Value

    Type

    Select a vulnerability type from the drop-down list.

    • Linux Vulnerabilities
    • Application Vulnerabilities

    Linux Vulnerabilities

    Vulnerability

    Select a vulnerability from the drop-down list.

    -

    Image Scope

    Select the applicable image scope of the whitelist item.

    • All: all images affected by the vulnerability
    • Specific: specific images affected by the vulnerability You can filter images by their source or other conditions, and then select images.

    Specific, Drupal

    Remarks

    Enter remarks to help you identify or trace whitelisting operations.

    test

  7. Click OK.
  8. Return to the local image whitelist. Verify that the whitelisted vulnerability is displayed.

Modifying a Local Image Vulnerability in the Whitelist

  1. Log in to the HSS console.
  2. Click in the upper left corner and select a region or project.
  3. In the navigation pane on the left, choose Risk Management > Container Images.
  4. In the upper right corner of the page, click Configure Whitelist.
  5. Locate a whitelist item on the Local Images tab.
  6. In the Operation column of the whitelist, click Edit.
  7. On Edit Whitelist Rule page, modify the image scope and remarks.

    Table 2 Parameters for modifying a whitelist rule

    Parameter

    Description

    Example Value

    Image Scope

    Select the applicable image scope of the whitelist item.

    • All: all images affected by the vulnerability
    • Specific: specific images affected by the vulnerability You can filter images by their source or other conditions, and then select images.

    Specific, Drupal

    Remarks

    Enter remarks to help you identify or trace whitelisting operations.

    test

  8. Click OK.

Deleting a Local Image Vulnerability from the Whitelist

  1. Log in to the HSS console.
  2. Click in the upper left corner and select a region or project.
  3. In the navigation pane on the left, choose Risk Management > Container Images.
  4. In the upper right corner of the page, click Configure Whitelist.
  5. Locate a whitelist item on the Local Images tab.
  6. In the Operation column of the item, click Delete.
  7. In the displayed dialog box, confirm the whitelist information and click OK.
  8. Return to the image whitelist. Verify that the deleted whitelist item does not exist.
Parent Topic: Local Image Security Scan