Updated on 2026-04-03 GMT+08:00

Querying Image Vulnerability Information

Function

This API is used to query image vulnerability information.

Authorization Information

Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.

  • If you are using role/policy-based authorization, see Permissions Policies and Supported Actions for details on the required permissions.
  • If you are using identity policy-based authorization, no identity policy-based permission is required for calling this API.

URI

GET /v5/{project_id}/image/{image_id}/vulnerabilities

Table 1 Path Parameters

| Parameter | Mandatory | Type | Description |
| --- | --- | --- | --- |
| project_id | Yes | String | Definition: Project ID, which is used to specify the project that an asset belongs to. After the project ID is configured, you can query assets in the project using the project ID. For details about how to obtain it, see Obtaining a Project ID. Constraints: N/A. Range: The value can contain 1 to 256 characters. Default Value: N/A. |
| image_id | Yes | String | Definition: Image ID. Constraints: N/A. Range: The value can contain 0 to 128 characters. Default Value: N/A. |

Table 2 Query Parameters

| Parameter | Mandatory | Type | Description |
| --- | --- | --- | --- |
| enterprise_project_id | No | String | Definition: Enterprise project ID, which is used to filter assets in different enterprise projects. For details, see Obtaining an Enterprise Project ID. To query assets in all enterprise projects, set this parameter to all_granted_eps. Constraints: You need to set this parameter only after the enterprise project function is enabled. Range: The value can contain 1 to 256 characters. Default Value: 0 (default enterprise project). |
| offset | No | Integer | Definition: Offset, which specifies the start position of the record to be returned. Constraints: N/A. Range: The value range is 0 to 2,000,000. Default Value: 0. |
| limit | No | Integer | Definition: Number of records displayed on each page. Constraints: N/A. Range: The value range is 10 to 200. Default Value: 10. |
| image_type | Yes | String | Definition: Image type. Constraints: N/A. Range: private_image (private image repository); shared_image (shared image repository); instance_image (enterprise image); cicd (CI/CD image); harbor (Harbor repository image); jfrog (JFrog repository image). Default Value: N/A. |
| instance_id | No | String | Definition: Enterprise repository instance ID. This parameter can be specified for the enterprise edition SWR. Constraints: N/A. Range: The value can contain 0 to 128 characters. Default Value: N/A. |
| namespace | Yes | String | Definition: Organization name. Constraints: N/A. Range: The value can contain 0 to 64 characters. Default Value: N/A. |
| image_name | Yes | String | Definition: Image name. Constraints: N/A. Range: The value can contain 0 to 128 characters. Default Value: N/A. |
| tag_name | Yes | String | Definition: Image tag name. Constraints: N/A. Range: The value can contain 0 to 64 characters. Default Value: N/A. |
| repair_necessity | No | String | Definition: Severity. Constraints: N/A. Range: immediate_repair (high risk); delay_repair (medium risk); not_needed_repair (low risk). Default Value: N/A. |
| vul_id | No | String | Definition: Vulnerability ID (fuzzy search supported). Constraints: N/A. Range: The value can contain 0 to 128 characters. Default Value: N/A. |
| app_name | No | String | Definition: Software name. Constraints: N/A. Range: The value can contain 0 to 64 characters. Default Value: N/A. |
| type | No | String | Definition: Vulnerability type. Constraints: N/A. Range: linux_vul (Linux vulnerabilities); app_vul (application vulnerabilities). Default Value: N/A. |
| handle_status | No | String | Definition: Handling status. Constraints: N/A. Range: unhandled; handled. Default Value: N/A. |

Request Parameters

Table 3 Request header parameters

| Parameter | Mandatory | Type | Description |
| --- | --- | --- | --- |
| X-Auth-Token | Yes | String | Definition: User token, which contains user identity and permissions. The token can be used for identity authentication when an API is called. For details about how to obtain the token, see Obtaining a User Token. Constraints: N/A. Range: The value can contain 1 to 32,768 characters. Default Value: N/A. |

Response Parameters

Status code: 200

Table 4 Response body parameters

| Parameter | Type | Description |
| --- | --- | --- |
| total_num | Integer | Definition: Total number of records. Range: The value range is 0 to 2,147,483,647. |
| data_list | Array of ImageVulInfo objects | Definition: Image vulnerability list. Range: The value range is 0 to 200. |

Table 5 ImageVulInfo

| Parameter | Type | Description |
| --- | --- | --- |
| vul_id | String | Definition: Vulnerability ID. Range: The value can contain 0 to 128 characters. |
| repair_necessity | String | Definition: Severity. Range: immediate_repair (high risk); delay_repair (medium risk); not_needed_repair (low risk). |
| description | String | Definition: Vulnerability description. Range: The value can contain 0 to 128 characters. |
| position | String | Definition: Image where a vulnerability exists. Range: The value can contain 0 to 128 characters. |
| app_name | String | Definition: Vulnerability software name. Range: The value can contain 0 to 128 characters. |
| app_path | String | Definition: Path of the application software. (This field is available only for application vulnerabilities.) Range: The value can contain 1 to 512 characters. |
| version | String | Definition: Version. Range: The value can contain 0 to 128 characters. |
| solution | String | Definition: Solution. Range: The value can contain 0 to 256 characters. |
| url | String | Definition: Patch address. Range: The value can contain 0 to 128 characters. |

Example Requests

Query the vulnerability information of the private image whose namespace is scc_hss_container, image name is apptest, and image tag (tag_name) is v1.

GET https://{endpoint}/v5/{project_id}/image/{image_id}/vulnerabilities?limit=10&offset=0&namespace=scc_hss_container&tag_name=v1&image_name=apptest&image_type=private_image&type=linux_vul&enterprise_project_id=all_granted_eps

Example Responses

Status code: 200

Request succeeded.

{
  "total_num" : 1,
  "data_list" : [ {
    "app_name" : "xz-lib",
    "description" : "online",
    "position" : "sha256:74ddd0ec08fa43dXXXX",
    "repair_necessity" : "delay_repair",
    "solution" : "To upgrade the affected software",
    "url" : "https://access.redhat.com/errata/RHSAXXX",
    "version" : "5.2.4-3.el8",
    "vul_id" : "RHSA-2022:49XX"
  } ]
}
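
The following client sketch is an added example, not code from the HSS documentation or SDK. It pages through this API with offset and limit, validates the documented ranges before sending, and keeps only findings rated immediate_repair. The function names, the fetch callable and the host used in testing are assumptions made for illustration.

```python
import json
import urllib.request
from urllib.parse import quote, urlencode

IMAGE_TYPES = {"private_image", "shared_image", "instance_image", "cicd", "harbor", "jfrog"}
MAX_OFFSET = 2_000_000  # documented upper bound for offset


def build_url(endpoint, project_id, image_id, offset, limit, **query):
    """Build the GET URL; namespace, image_name, tag_name, image_type are mandatory."""
    missing = {"namespace", "image_name", "tag_name", "image_type"} - query.keys()
    if missing:
        raise ValueError(f"missing mandatory query parameters: {sorted(missing)}")
    if query["image_type"] not in IMAGE_TYPES:
        raise ValueError(f"unsupported image_type: {query['image_type']}")
    if not 10 <= limit <= 200 or not 0 <= offset <= MAX_OFFSET:
        raise ValueError("limit must be 10-200 and offset 0-2,000,000")
    # Percent-encode path segments so an ID cannot alter the request path.
    path = f"/v5/{quote(project_id, safe='')}/image/{quote(image_id, safe='')}/vulnerabilities"
    return f"https://{endpoint}{path}?{urlencode({'offset': offset, 'limit': limit, **query})}"


def http_fetch(url, token):
    """Real transport: send the token in X-Auth-Token and parse the JSON body."""
    req = urllib.request.Request(url, headers={"X-Auth-Token": token})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def list_vulnerabilities(fetch, endpoint, project_id, image_id, limit=200, **query):
    """Walk offset/limit pages until total_num records have been requested.

    fetch is a callable taking a URL and returning the parsed response body,
    for example: lambda url: http_fetch(url, token).
    """
    found, offset = [], 0
    while offset <= MAX_OFFSET:
        page = fetch(build_url(endpoint, project_id, image_id, offset, limit, **query))
        found.extend(page["data_list"])
        offset += limit  # offset is a record position, not a page number
        if not page["data_list"] or offset >= page["total_num"]:
            break
    return found


def needs_immediate_repair(vulns):
    """Keep only findings the service rates immediate_repair (high risk)."""
    return [v for v in vulns if v["repair_necessity"] == "immediate_repair"]
```

Passing the transport in as a callable keeps the token out of the paging logic and lets the loop be exercised against recorded responses.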

Status Codes

| Status Code | Description |
| --- | --- |
| 200 | Request succeeded. |

Error Codes

See Error Codes.