Help Center/ Host Security Service/ User Guide/ Risk Management/ Container Image Security/ Repository Image Security Scan/ Managing the Repository Image Vulnerability Whitelist
Updated on 2025-09-08 GMT+08:00
View PDF
Share

Managing the Repository Image Vulnerability Whitelist

Scenarios

When adding a vulnerability to the whitelist, you need to specify the applicable scope of the whitelist item. If this item only applies to an image, the vulnerability will not be displayed in the scan results of this image, but will still be displayed under other images.

You can whitelist the image vulnerabilities that do not affect services.

You can add, modify, and delete repository image vulnerabilities in the whitelist.

Adding a Repository Image Vulnerability to the Whitelist

  1. Log in to the HSS console.
  2. Click in the upper left corner and select a region or project.
  3. In the navigation pane on the left, choose Risk Management > Container Images.
  4. In the upper right corner of the page, click Configure Whitelist.

    You can also locate a vulnerability in Risk View or Image View, and click Add to Whitelist in its Operation column.

  5. On the Repository Images tab page, click Add Rule.
  6. On the Add Rule page, configure whitelist rule parameters. For details, see Table 1.

    Table 1 Vulnerability whitelist rule parameters

    Parameter

    Description

    Example Value

    Type

    Select a vulnerability type from the drop-down list.

    • Linux Vulnerabilities
    • Application Vulnerabilities

    Linux Vulnerabilities

    Vulnerability

    Select a vulnerability from the drop-down list.

    -

    Image Scope

    Select the applicable image scope of the whitelist item.

    • All: all the images affected by the vulnerability
    • Specify types of image repositories: specified image repositories affected by the vulnerability
    • Specific: specific images affected by the vulnerability You can filter images by repository type or other criteria, and then select images.

    Specific, Drupal

    Remarks

    Enter remarks to help you identify or trace whitelist operations.

    test

  7. Click OK.
  8. Return to the repository image whitelist. Verify that the whitelisted vulnerability is displayed.

Modifying a Repository Image Vulnerability in the Whitelist

  1. Log in to the HSS console.
  2. Click in the upper left corner and select a region or project.
  3. In the navigation pane on the left, choose Risk Management > Container Images.
  4. In the upper right corner of the page, click Configure Whitelist.
  5. Locate a whitelist item on the Repository Images tab.
  6. In the Operation column of the item, click Edit.
  7. On Edit Whitelist Rule page, modify the image scope and remarks.

    Table 2 Parameters for modifying a whitelist rule

    Parameter

    Description

    Example Value

    Image Scope

    Select the applicable image scope of the whitelist item.

    • All: all images affected by the vulnerability
    • Specify types of image repositories: specified image repositories affected by the vulnerability
    • Specific: specific images affected by the vulnerability You can filter images by repository type or other criteria, and then select images.

    Specific, drupal

    Remarks

    Enter remarks to help you identify or trace whitelisting operations.

    test

  8. Click OK.

Deleting a Repository Image Vulnerability from the Whitelist

  1. Log in to the HSS console.
  2. Click in the upper left corner and select a region or project.
  3. In the navigation pane on the left, choose Risk Management > Container Images.
  4. In the upper right corner of the page, click Configure Whitelist.
  5. Locate a whitelist item on the Repository Images tab.
  6. In the Operation column of the item, click Delete.
  7. In the displayed dialog box, confirm the whitelist information and click OK.
  8. Return to the image whitelist. Verify that the deleted whitelist item does not exist.
Parent Topic: Repository Image Security Scan