gcloud beta container images describe

From wikieduonline
Jump to navigation Jump to search

gcloud beta container images describe
gcloud container images describe --help
gcloud beta container images describe "$REPOSITORY/$image@$SHA" --show-package-vulnerability --format json | jq '.package_vulnerability_summary.vulnerabilities.CRITICAL | length ')

Examples

gcloud beta container images describe "eu.gcr.io/project/nginx@sha256:358e251e4fdc3c10c95a254" --show-package-vulnerability
discovery_summary:
  discovery: []
image_summary:
  digest: sha256:358e251e4fdc3c10c95a254
  fully_qualified_digest: eu.gcr.io/project/nginx@sha256:58e251e4fdc3c10c95a254
  registry: eu.gcr.io
  repository: project/nginx
package_vulnerability_summary:
  not_fixed_vulnerability_count: 0
  total_vulnerability_found: 0
  vulnerabilities: {}

Example with vulnerabilities

{
  "discovery_summary": {
    "discovery": [
      {
        "createTime": "2022-08-29T15:03:58.530515Z",
        "discovery": {
          "analysisStatus": "FINISHED_SUCCESS",
          "continuousAnalysis": "ACTIVE"
        },
        "kind": "DISCOVERY",
        "name": "projects/your-project/occurrences/7dc8f0c2-c665-4955-b2ce-7cfe8d107595",
        "noteName": "projects/goog-analysis/notes/PACKAGE_VULNERABILITY",
        "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
        "updateTime": "2022-08-29T15:04:14.199537Z"
      }
    ]
  },
  "image_summary": {
    "digest": "sha256:0123456789xxxxx",
    "fully_qualified_digest": "eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
    "registry": "eu.gcr.io",
    "repository": "your-project/nginx"
  },
  "package_vulnerability_summary": {
    "not_fixed_vulnerability_count": 0,
    "total_vulnerability_found": 17,
    "vulnerabilities": {
      "CRITICAL": [
        {
          "createTime": "2022-08-29T15:04:09.198853Z",
          "kind": "VULNERABILITY",
          "name": "projects/your-project/occurrences/9074cbfb-1c31-48b1-a47e-42f0d50f822c",
          "noteName": "projects/goog-vulnz/notes/CVE-2019-2201",
          "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
          "updateTime": "2022-08-29T15:04:09.198853Z",
          "vulnerability": {
            "cvssScore": 9.3,
            "cvssv3": {
              "attackComplexity": "ATTACK_COMPLEXITY_LOW",
              "attackVector": "ATTACK_VECTOR_LOCAL",
              "availabilityImpact": "IMPACT_HIGH",
              "baseScore": 7.8,
              "confidentialityImpact": "IMPACT_HIGH",
              "exploitabilityScore": 1.8,
              "impactScore": 5.9,
              "integrityImpact": "IMPACT_HIGH",
              "privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
              "scope": "SCOPE_UNCHANGED",
              "userInteraction": "USER_INTERACTION_REQUIRED"
            },
            "effectiveSeverity": "CRITICAL",
            "fixAvailable": true,
            "longDescription": "NIST vectors: AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "packageIssue": [
              {
                "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "affectedPackage": "libjpeg-turbo",
                "affectedVersion": {
                  "fullName": "2.0.2-r0",
                  "kind": "NORMAL",
                  "name": "2.0.2",
                  "revision": "r0"
                },
                "effectiveSeverity": "CRITICAL",
                "fixAvailable": true,
                "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "fixedPackage": "libjpeg-turbo",
                "fixedVersion": {
                  "fullName": "2.0.4-r0",
                  "kind": "NORMAL",
                  "name": "2.0.4",
                  "revision": "r0"
                },
                "packageType": "OS"
              }
            ],
            "severity": "CRITICAL",
            "shortDescription": "CVE-2019-2201"
          }
        }
      ],
      "HIGH": [
        {
          "createTime": "2022-08-29T15:04:08.186141Z",
          "kind": "VULNERABILITY",
          "name": "projects/your-project/occurrences/0bb5da06-b5e2-44dc-9a0b-39254acd0995",
          "noteName": "projects/goog-vulnz/notes/CVE-2021-3517",
          "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
          "updateTime": "2022-08-29T15:04:08.186141Z",
          "vulnerability": {
            "cvssScore": 7.5,
            "cvssv3": {
              "attackComplexity": "ATTACK_COMPLEXITY_LOW",
              "attackVector": "ATTACK_VECTOR_NETWORK",
              "availabilityImpact": "IMPACT_HIGH",
              "baseScore": 8.6,
              "confidentialityImpact": "IMPACT_LOW",
              "exploitabilityScore": 3.9,
              "impactScore": 4.7,
              "integrityImpact": "IMPACT_LOW",
              "privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
              "scope": "SCOPE_UNCHANGED",
              "userInteraction": "USER_INTERACTION_NONE"
            },
            "effectiveSeverity": "HIGH",
            "fixAvailable": true,
            "longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "packageIssue": [
              {
                "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "affectedPackage": "libxml2",
                "affectedVersion": {
                  "fullName": "2.9.9-r2",
                  "kind": "NORMAL",
                  "name": "2.9.9",
                  "revision": "r2"
                },
                "effectiveSeverity": "HIGH",
                "fixAvailable": true,
                "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "fixedPackage": "libxml2",
                "fixedVersion": {
                  "fullName": "2.9.9-r5",
                  "kind": "NORMAL",
                  "name": "2.9.9",
                  "revision": "r5"
                },
                "packageType": "OS"
              }
            ],
            "severity": "HIGH",
            "shortDescription": "CVE-2021-3517"
          }
        }
      ],
      "LOW": [
        {
          "createTime": "2022-08-29T15:04:11.596301Z",
          "kind": "VULNERABILITY",
          "name": "projects/your-project/occurrences/15dcd9a7-183a-4fcc-a12c-e561ad30c5d1",
          "noteName": "projects/goog-vulnz/notes/CVE-2019-13627",
          "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
          "updateTime": "2022-08-29T15:04:11.596301Z",
          "vulnerability": {
            "cvssScore": 2.6,
            "cvssv3": {
              "attackComplexity": "ATTACK_COMPLEXITY_HIGH",
              "attackVector": "ATTACK_VECTOR_LOCAL",
              "availabilityImpact": "IMPACT_NONE",
              "baseScore": 6.3,
              "confidentialityImpact": "IMPACT_HIGH",
              "exploitabilityScore": 1.0,
              "impactScore": 5.2,
              "integrityImpact": "IMPACT_HIGH",
              "privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
              "scope": "SCOPE_UNCHANGED",
              "userInteraction": "USER_INTERACTION_REQUIRED"
            },
            "effectiveSeverity": "LOW",
            "fixAvailable": true,
            "longDescription": "NIST vectors: AV:L/AC:H/Au:N/C:P/I:P/A:N",
            "packageIssue": [
              {
                "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "affectedPackage": "libgcrypt",
                "affectedVersion": {
                  "fullName": "1.8.4-r2",
                  "kind": "NORMAL",
                  "name": "1.8.4",
                  "revision": "r2"
                },
                "effectiveSeverity": "LOW",
                "fixAvailable": true,
                "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "fixedPackage": "libgcrypt",
                "fixedVersion": {
                  "fullName": "1.8.5-r0",
                  "kind": "NORMAL",
                  "name": "1.8.5",
                  "revision": "r0"
                },
                "packageType": "OS"
              }
            ],
            "severity": "LOW",
            "shortDescription": "CVE-2019-13627"
          }
        },
        {
          "createTime": "2022-08-29T15:04:08.977888Z",
          "kind": "VULNERABILITY",
          "name": "projects/your-project/occurrences/fb37c640-aea0-459d-a8fd-c3dd3906e87a",
          "noteName": "projects/goog-vulnz/notes/CVE-2020-28928",
          "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
          "updateTime": "2022-08-29T15:04:08.977888Z",
          "vulnerability": {
            "cvssScore": 2.1,
            "cvssv3": {
              "attackComplexity": "ATTACK_COMPLEXITY_LOW",
              "attackVector": "ATTACK_VECTOR_LOCAL",
              "availabilityImpact": "IMPACT_HIGH",
              "baseScore": 5.5,
              "confidentialityImpact": "IMPACT_NONE",
              "exploitabilityScore": 1.8,
              "impactScore": 3.6,
              "integrityImpact": "IMPACT_NONE",
              "privilegesRequired": "PRIVILEGES_REQUIRED_LOW",
              "scope": "SCOPE_UNCHANGED",
              "userInteraction": "USER_INTERACTION_NONE"
            },
            "effectiveSeverity": "LOW",
            "fixAvailable": true,
            "longDescription": "NIST vectors: AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "packageIssue": [
              {
                "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "affectedPackage": "musl",
                "affectedVersion": {
                  "fullName": "1.1.22-r3",
                  "kind": "NORMAL",
                  "name": "1.1.22",
                  "revision": "r3"
                },
                "effectiveSeverity": "LOW",
                "fixAvailable": true,
                "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "fixedPackage": "musl",
                "fixedVersion": {
                  "fullName": "1.1.22-r4",
                  "kind": "NORMAL",
                  "name": "1.1.22",
                  "revision": "r4"
                },
                "packageType": "OS"
              }
            ],
            "severity": "LOW",
            "shortDescription": "CVE-2020-28928"
          }
        }
      ],
      "MEDIUM": [
        {
          "createTime": "2022-08-29T15:04:10.473028Z",
          "kind": "VULNERABILITY",
          "name": "projects/your-project/occurrences/13bc32fd-c5b8-4d6e-9cfc-17ecbb40329b",
          "noteName": "projects/goog-vulnz/notes/CVE-2019-18197",
          "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
          "updateTime": "2022-08-29T15:04:10.473028Z",
          "vulnerability": {
            "cvssScore": 5.1,
            "cvssv3": {
              "attackComplexity": "ATTACK_COMPLEXITY_HIGH",
              "attackVector": "ATTACK_VECTOR_NETWORK",
              "availabilityImpact": "IMPACT_HIGH",
              "baseScore": 7.5,
              "confidentialityImpact": "IMPACT_HIGH",
              "exploitabilityScore": 1.6,
              "impactScore": 5.9,
              "integrityImpact": "IMPACT_HIGH",
              "privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
              "scope": "SCOPE_UNCHANGED",
              "userInteraction": "USER_INTERACTION_REQUIRED"
            },
            "effectiveSeverity": "MEDIUM",
            "fixAvailable": true,
            "longDescription": "NIST vectors: AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "packageIssue": [
              {
                "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "affectedPackage": "libxslt",
                "affectedVersion": {
                  "fullName": "1.1.33-r1",
                  "kind": "NORMAL",
                  "name": "1.1.33",
                  "revision": "r1"
                },
                "effectiveSeverity": "MEDIUM",
                "fixAvailable": true,
                "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "fixedPackage": "libxslt",
                "fixedVersion": {
                  "fullName": "1.1.33-r2",
                  "kind": "NORMAL",
                  "name": "1.1.33",
                  "revision": "r2"
                },
                "packageType": "OS"
              }
            ],
            "severity": "MEDIUM",
            "shortDescription": "CVE-2019-18197"
          }
        },
        {
          "createTime": "2022-08-29T15:04:10.216126Z",
          "kind": "VULNERABILITY",
          "name": "projects/your-project/occurrences/144f8f03-28d8-483b-a8f9-5cf83c768f36",
          "noteName": "projects/goog-vulnz/notes/CVE-2020-15999",
          "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
          "updateTime": "2022-08-29T15:04:10.216126Z",
          "vulnerability": {
            "cvssScore": 4.3,
            "cvssv3": {
              "attackComplexity": "ATTACK_COMPLEXITY_LOW",
              "attackVector": "ATTACK_VECTOR_NETWORK",
              "availabilityImpact": "IMPACT_HIGH",
              "baseScore": 6.5,
              "confidentialityImpact": "IMPACT_NONE",
              "exploitabilityScore": 2.8,
              "impactScore": 3.6,
              "integrityImpact": "IMPACT_NONE",
              "privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
              "scope": "SCOPE_UNCHANGED",
              "userInteraction": "USER_INTERACTION_REQUIRED"
            },
            "effectiveSeverity": "MEDIUM",
            "fixAvailable": true,
            "longDescription": "NIST vectors: AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "packageIssue": [
              {
                "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "affectedPackage": "freetype",
                "affectedVersion": {
                  "fullName": "2.10.0-r0",
                  "kind": "NORMAL",
                  "name": "2.10.0",
                  "revision": "r0"
                },
                "effectiveSeverity": "MEDIUM",
                "fixAvailable": true,
                "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "fixedPackage": "freetype",
                "fixedVersion": {
                  "fullName": "2.10.0-r1",
                  "kind": "NORMAL",
                  "name": "2.10.0",
                  "revision": "r1"
                },
                "packageType": "OS"
              }
            ],
            "severity": "MEDIUM",
            "shortDescription": "CVE-2020-15999"
          }
        },
        {
          "createTime": "2022-08-29T23:07:18.026936Z",
          "kind": "VULNERABILITY",
          "name": "projects/your-project/occurrences/297b644c-fd28-4664-9d66-b5fbd0ad3299",
          "noteName": "projects/goog-vulnz/notes/CVE-2020-13790",
          "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
          "updateTime": "2022-08-29T23:07:18.026936Z",
          "vulnerability": {
            "cvssScore": 5.8,
            "cvssv3": {
              "attackComplexity": "ATTACK_COMPLEXITY_LOW",
              "attackVector": "ATTACK_VECTOR_NETWORK",
              "availabilityImpact": "IMPACT_HIGH",
              "baseScore": 8.1,
              "confidentialityImpact": "IMPACT_HIGH",
              "exploitabilityScore": 2.8,
              "impactScore": 5.2,
              "integrityImpact": "IMPACT_NONE",
              "privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
              "scope": "SCOPE_UNCHANGED",
              "userInteraction": "USER_INTERACTION_REQUIRED"
            },
            "effectiveSeverity": "MEDIUM",
            "fixAvailable": true,
            "longDescription": "NIST vectors: AV:N/AC:M/Au:N/C:P/I:N/A:P",
            "packageIssue": [
              {
                "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "affectedPackage": "libjpeg-turbo",
                "affectedVersion": {
                  "fullName": "2.0.2-r0",
                  "kind": "NORMAL",
                  "name": "2.0.2",
                  "revision": "r0"
                },
                "effectiveSeverity": "MEDIUM",
                "fixAvailable": true,
                "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "fixedPackage": "libjpeg-turbo",
                "fixedVersion": {
                  "fullName": "2.0.4-r1",
                  "kind": "NORMAL",
                  "name": "2.0.4",
                  "revision": "r1"
                },
                "packageType": "OS"
              }
            ],
            "severity": "MEDIUM",
            "shortDescription": "CVE-2020-13790"
          }
        },
        {
          "createTime": "2022-08-29T15:04:09.511045Z",
          "kind": "VULNERABILITY",
          "name": "projects/your-project/occurrences/36df747b-f5ac-4c4f-8640-0d881f165443",
          "noteName": "projects/goog-vulnz/notes/CVE-2021-28831",
          "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
          "updateTime": "2022-08-29T15:04:09.511045Z",
          "vulnerability": {
            "cvssScore": 5.0,
            "cvssv3": {
              "attackComplexity": "ATTACK_COMPLEXITY_LOW",
              "attackVector": "ATTACK_VECTOR_NETWORK",
              "availabilityImpact": "IMPACT_HIGH",
              "baseScore": 7.5,
              "confidentialityImpact": "IMPACT_NONE",
              "exploitabilityScore": 3.9,
              "impactScore": 3.6,
              "integrityImpact": "IMPACT_NONE",
              "privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
              "scope": "SCOPE_UNCHANGED",
              "userInteraction": "USER_INTERACTION_NONE"
            },
            "effectiveSeverity": "MEDIUM",
            "fixAvailable": true,
            "longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "packageIssue": [
              {
                "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "affectedPackage": "busybox",
                "affectedVersion": {
                  "fullName": "1.30.1-r2",
                  "kind": "NORMAL",
                  "name": "1.30.1",
                  "revision": "r2"
                },
                "effectiveSeverity": "MEDIUM",
                "fixAvailable": true,
                "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "fixedPackage": "busybox",
                "fixedVersion": {
                  "fullName": "1.30.1-r5",
                  "kind": "NORMAL",
                  "name": "1.30.1",
                  "revision": "r5"
                },
                "packageType": "OS"
              }
            ],
            "severity": "MEDIUM",
            "shortDescription": "CVE-2021-28831"
          }
        },
        {
          "createTime": "2022-08-29T15:04:11.829970Z",
          "kind": "VULNERABILITY",
          "name": "projects/your-project/occurrences/65b7a19e-69da-48ce-a2e1-64df188f44cc",
          "noteName": "projects/goog-vulnz/notes/CVE-2019-13117",
          "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
          "updateTime": "2022-08-29T15:04:11.829970Z",
          "vulnerability": {
            "cvssScore": 5.0,
            "cvssv3": {
              "attackComplexity": "ATTACK_COMPLEXITY_LOW",
              "attackVector": "ATTACK_VECTOR_NETWORK",
              "availabilityImpact": "IMPACT_NONE",
              "baseScore": 7.5,
              "confidentialityImpact": "IMPACT_HIGH",
              "exploitabilityScore": 3.9,
              "impactScore": 3.6,
              "integrityImpact": "IMPACT_NONE",
              "privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
              "scope": "SCOPE_UNCHANGED",
              "userInteraction": "USER_INTERACTION_NONE"
            },
            "effectiveSeverity": "MEDIUM",
            "fixAvailable": true,
            "longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "packageIssue": [
              {
                "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "affectedPackage": "libxslt",
                "affectedVersion": {
                  "fullName": "1.1.33-r1",
                  "kind": "NORMAL",
                  "name": "1.1.33",
                  "revision": "r1"
                },
                "effectiveSeverity": "MEDIUM",
                "fixAvailable": true,
                "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "fixedPackage": "libxslt",
                "fixedVersion": {
                  "fullName": "1.1.33-r3",
                  "kind": "NORMAL",
                  "name": "1.1.33",
                  "revision": "r3"
                },
                "packageType": "OS"
              }
            ],
            "severity": "MEDIUM",
            "shortDescription": "CVE-2019-13117"
          }
        },
        {
          "createTime": "2022-08-29T15:04:12.268580Z",
          "kind": "VULNERABILITY",
          "name": "projects/your-project/occurrences/7f6024da-cca4-45de-9644-9aefde690fae",
          "noteName": "projects/goog-vulnz/notes/CVE-2020-14155",
          "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
          "updateTime": "2022-08-29T15:04:12.268580Z",
          "vulnerability": {
            "cvssScore": 5.0,
            "cvssv3": {
              "attackComplexity": "ATTACK_COMPLEXITY_LOW",
              "attackVector": "ATTACK_VECTOR_NETWORK",
              "availabilityImpact": "IMPACT_LOW",
              "baseScore": 5.3,
              "confidentialityImpact": "IMPACT_NONE",
              "exploitabilityScore": 3.9,
              "impactScore": 1.4,
              "integrityImpact": "IMPACT_NONE",
              "privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
              "scope": "SCOPE_UNCHANGED",
              "userInteraction": "USER_INTERACTION_NONE"
            },
            "effectiveSeverity": "MEDIUM",
            "fixAvailable": true,
            "longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "packageIssue": [
              {
                "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "affectedPackage": "pcre",
                "affectedVersion": {
                  "fullName": "8.43-r0",
                  "kind": "NORMAL",
                  "name": "8.43",
                  "revision": "r0"
                },
                "effectiveSeverity": "MEDIUM",
                "fixAvailable": true,
                "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "fixedPackage": "pcre",
                "fixedVersion": {
                  "fullName": "8.43-r1",
                  "kind": "NORMAL",
                  "name": "8.43",
                  "revision": "r1"
                },
                "packageType": "OS"
              }
            ],
            "severity": "MEDIUM",
            "shortDescription": "CVE-2020-14155"
          }
        },
        {
          "createTime": "2022-08-29T15:04:11.717313Z",
          "kind": "VULNERABILITY",
          "name": "projects/your-project/occurrences/84ee2281-a769-4e8a-9cbf-93a063bb4ef2",
          "noteName": "projects/goog-vulnz/notes/CVE-2019-13118",
          "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
          "updateTime": "2022-08-29T15:04:11.717313Z",
          "vulnerability": {
            "cvssScore": 5.0,
            "cvssv3": {
              "attackComplexity": "ATTACK_COMPLEXITY_LOW",
              "attackVector": "ATTACK_VECTOR_NETWORK",
              "availabilityImpact": "IMPACT_NONE",
              "baseScore": 7.5,
              "confidentialityImpact": "IMPACT_HIGH",
              "exploitabilityScore": 3.9,
              "impactScore": 3.6,
              "integrityImpact": "IMPACT_NONE",
              "privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
              "scope": "SCOPE_UNCHANGED",
              "userInteraction": "USER_INTERACTION_NONE"
            },
            "effectiveSeverity": "MEDIUM",
            "fixAvailable": true,
            "longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "packageIssue": [
              {
                "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "affectedPackage": "libxslt",
                "affectedVersion": {
                  "fullName": "1.1.33-r1",
                  "kind": "NORMAL",
                  "name": "1.1.33",
                  "revision": "r1"
                },
                "effectiveSeverity": "MEDIUM",
                "fixAvailable": true,
                "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "fixedPackage": "libxslt",
                "fixedVersion": {
                  "fullName": "1.1.33-r3",
                  "kind": "NORMAL",
                  "name": "1.1.33",
                  "revision": "r3"
                },
                "packageType": "OS"
              }
            ],
            "severity": "MEDIUM",
            "shortDescription": "CVE-2019-13118"
          }
        },
        {
          "createTime": "2022-08-29T15:04:07.821209Z",
          "kind": "VULNERABILITY",
          "name": "projects/your-project/occurrences/8ea01410-6451-4750-b66a-287014eb6f82",
          "noteName": "projects/goog-vulnz/notes/CVE-2020-24977",
          "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
          "updateTime": "2022-08-29T15:04:07.821209Z",
          "vulnerability": {
            "cvssScore": 6.4,
            "cvssv3": {
              "attackComplexity": "ATTACK_COMPLEXITY_LOW",
              "attackVector": "ATTACK_VECTOR_NETWORK",
              "availabilityImpact": "IMPACT_LOW",
              "baseScore": 6.5,
              "confidentialityImpact": "IMPACT_LOW",
              "exploitabilityScore": 3.9,
              "impactScore": 2.5,
              "integrityImpact": "IMPACT_NONE",
              "privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
              "scope": "SCOPE_UNCHANGED",
              "userInteraction": "USER_INTERACTION_NONE"
            },
            "effectiveSeverity": "MEDIUM",
            "fixAvailable": true,
            "longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:P/I:N/A:P",
            "packageIssue": [
              {
                "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "affectedPackage": "libxml2",
                "affectedVersion": {
                  "fullName": "2.9.9-r2",
                  "kind": "NORMAL",
                  "name": "2.9.9",
                  "revision": "r2"
                },
                "effectiveSeverity": "MEDIUM",
                "fixAvailable": true,
                "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "fixedPackage": "libxml2",
                "fixedVersion": {
                  "fullName": "2.9.9-r4",
                  "kind": "NORMAL",
                  "name": "2.9.9",
                  "revision": "r4"
                },
                "packageType": "OS"
              }
            ],
            "severity": "MEDIUM",
            "shortDescription": "CVE-2020-24977"
          }
        },
        {
          "createTime": "2022-08-29T15:04:09.824398Z",
          "kind": "VULNERABILITY",
          "name": "projects/your-project/occurrences/9c687953-b27f-4531-a84a-49046fe33461",
          "noteName": "projects/goog-vulnz/notes/CVE-2021-36159",
          "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
          "updateTime": "2022-08-29T15:04:09.824398Z",
          "vulnerability": {
            "cvssScore": 6.4,
            "cvssv3": {
              "attackComplexity": "ATTACK_COMPLEXITY_LOW",
              "attackVector": "ATTACK_VECTOR_NETWORK",
              "availabilityImpact": "IMPACT_HIGH",
              "baseScore": 9.1,
              "confidentialityImpact": "IMPACT_HIGH",
              "exploitabilityScore": 3.9,
              "impactScore": 5.2,
              "integrityImpact": "IMPACT_NONE",
              "privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
              "scope": "SCOPE_UNCHANGED",
              "userInteraction": "USER_INTERACTION_NONE"
            },
            "effectiveSeverity": "MEDIUM",
            "fixAvailable": true,
            "longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:P/I:N/A:P",
            "packageIssue": [
              {
                "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "affectedPackage": "apk-tools",
                "affectedVersion": {
                  "fullName": "2.10.4-r2",
                  "kind": "NORMAL",
                  "name": "2.10.4",
                  "revision": "r2"
                },
                "effectiveSeverity": "MEDIUM",
                "fixAvailable": true,
                "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "fixedPackage": "apk-tools",
                "fixedVersion": {
                  "fullName": "2.10.7-r0",
                  "kind": "NORMAL",
                  "name": "2.10.7",
                  "revision": "r0"
                },
                "packageType": "OS"
              }
            ],
            "severity": "MEDIUM",
            "shortDescription": "CVE-2021-36159"
          }
        },
        {
          "createTime": "2022-08-29T15:04:10.970746Z",
          "kind": "VULNERABILITY",
          "name": "projects/your-project/occurrences/c6d1235b-bd30-4468-875c-affc7dbbe007",
          "noteName": "projects/goog-vulnz/notes/CVE-2019-19956",
          "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
          "updateTime": "2022-08-29T15:04:10.970746Z",
          "vulnerability": {
            "cvssScore": 5.0,
            "cvssv3": {
              "attackComplexity": "ATTACK_COMPLEXITY_LOW",
              "attackVector": "ATTACK_VECTOR_NETWORK",
              "availabilityImpact": "IMPACT_HIGH",
              "baseScore": 7.5,
              "confidentialityImpact": "IMPACT_NONE",
              "exploitabilityScore": 3.9,
              "impactScore": 3.6,
              "integrityImpact": "IMPACT_NONE",
              "privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
              "scope": "SCOPE_UNCHANGED",
              "userInteraction": "USER_INTERACTION_NONE"
            },
            "effectiveSeverity": "MEDIUM",
            "fixAvailable": true,
            "longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "packageIssue": [
              {
                "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "affectedPackage": "libxml2",
                "affectedVersion": {
                  "fullName": "2.9.9-r2",
                  "kind": "NORMAL",
                  "name": "2.9.9",
                  "revision": "r2"
                },
                "effectiveSeverity": "MEDIUM",
                "fixAvailable": true,
                "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "fixedPackage": "libxml2",
                "fixedVersion": {
                  "fullName": "2.9.9-r3",
                  "kind": "NORMAL",
                  "name": "2.9.9",
                  "revision": "r3"
                },
                "packageType": "OS"
              }
            ],
            "severity": "MEDIUM",
            "shortDescription": "CVE-2019-19956"
          }
        },
        {
          "createTime": "2022-08-29T15:04:11.132973Z",
          "kind": "VULNERABILITY",
          "name": "projects/your-project/occurrences/d058e0cf-cabd-4c5b-bc47-70692c981717",
          "noteName": "projects/goog-vulnz/notes/CVE-2021-30139",
          "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
          "updateTime": "2022-08-29T15:04:11.132973Z",
          "vulnerability": {
            "cvssScore": 5.0,
            "cvssv3": {
              "attackComplexity": "ATTACK_COMPLEXITY_LOW",
              "attackVector": "ATTACK_VECTOR_NETWORK",
              "availabilityImpact": "IMPACT_HIGH",
              "baseScore": 7.5,
              "confidentialityImpact": "IMPACT_NONE",
              "exploitabilityScore": 3.9,
              "impactScore": 3.6,
              "integrityImpact": "IMPACT_NONE",
              "privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
              "scope": "SCOPE_UNCHANGED",
              "userInteraction": "USER_INTERACTION_NONE"
            },
            "effectiveSeverity": "MEDIUM",
            "fixAvailable": true,
            "longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "packageIssue": [
              {
                "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "affectedPackage": "apk-tools",
                "affectedVersion": {
                  "fullName": "2.10.4-r2",
                  "kind": "NORMAL",
                  "name": "2.10.4",
                  "revision": "r2"
                },
                "effectiveSeverity": "MEDIUM",
                "fixAvailable": true,
                "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "fixedPackage": "apk-tools",
                "fixedVersion": {
                  "fullName": "2.10.6-r0",
                  "kind": "NORMAL",
                  "name": "2.10.6",
                  "revision": "r0"
                },
                "packageType": "OS"
              }
            ],
            "severity": "MEDIUM",
            "shortDescription": "CVE-2021-30139"
          }
        },
        {
          "createTime": "2022-08-29T15:04:07.396688Z",
          "kind": "VULNERABILITY",
          "name": "projects/your-project/occurrences/d23e70ae-ca3e-46e7-a198-340f794cde4a",
          "noteName": "projects/goog-vulnz/notes/CVE-2021-3537",
          "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
          "updateTime": "2022-08-29T15:04:07.396688Z",
          "vulnerability": {
            "cvssScore": 4.3,
            "cvssv3": {
              "attackComplexity": "ATTACK_COMPLEXITY_HIGH",
              "attackVector": "ATTACK_VECTOR_NETWORK",
              "availabilityImpact": "IMPACT_HIGH",
              "baseScore": 5.9,
              "confidentialityImpact": "IMPACT_NONE",
              "exploitabilityScore": 2.2,
              "impactScore": 3.6,
              "integrityImpact": "IMPACT_NONE",
              "privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
              "scope": "SCOPE_UNCHANGED",
              "userInteraction": "USER_INTERACTION_NONE"
            },
            "effectiveSeverity": "MEDIUM",
            "fixAvailable": true,
            "longDescription": "NIST vectors: AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "packageIssue": [
              {
                "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "affectedPackage": "libxml2",
                "affectedVersion": {
                  "fullName": "2.9.9-r2",
                  "kind": "NORMAL",
                  "name": "2.9.9",
                  "revision": "r2"
                },
                "effectiveSeverity": "MEDIUM",
                "fixAvailable": true,
                "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "fixedPackage": "libxml2",
                "fixedVersion": {
                  "fullName": "2.9.9-r5",
                  "kind": "NORMAL",
                  "name": "2.9.9",
                  "revision": "r5"
                },
                "packageType": "OS"
              }
            ],
            "severity": "MEDIUM",
            "shortDescription": "CVE-2021-3537"
          }
        },
        {
          "createTime": "2022-08-29T15:04:08.546833Z",
          "kind": "VULNERABILITY",
          "name": "projects/your-project/occurrences/ec3c4e4a-a271-4328-939e-ba2621bc9c9b",
          "noteName": "projects/goog-vulnz/notes/CVE-2021-3518",
          "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
          "updateTime": "2022-08-29T15:04:08.546833Z",
          "vulnerability": {
            "cvssScore": 6.8,
            "cvssv3": {
              "attackComplexity": "ATTACK_COMPLEXITY_LOW",
              "attackVector": "ATTACK_VECTOR_NETWORK",
              "availabilityImpact": "IMPACT_HIGH",
              "baseScore": 8.8,
              "confidentialityImpact": "IMPACT_HIGH",
              "exploitabilityScore": 2.8,
              "impactScore": 5.9,
              "integrityImpact": "IMPACT_HIGH",
              "privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
              "scope": "SCOPE_UNCHANGED",
              "userInteraction": "USER_INTERACTION_REQUIRED"
            },
            "effectiveSeverity": "MEDIUM",
            "fixAvailable": true,
            "longDescription": "NIST vectors: AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "packageIssue": [
              {
                "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "affectedPackage": "libxml2",
                "affectedVersion": {
                  "fullName": "2.9.9-r2",
                  "kind": "NORMAL",
                  "name": "2.9.9",
                  "revision": "r2"
                },
                "effectiveSeverity": "MEDIUM",
                "fixAvailable": true,
                "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
                "fixedPackage": "libxml2",
                "fixedVersion": {
                  "fullName": "2.9.9-r5",
                  "kind": "NORMAL",
                  "name": "2.9.9",
                  "revision": "r5"
                },
                "packageType": "OS"
              }
            ],
            "severity": "MEDIUM",
            "shortDescription": "CVE-2021-3518"
          }
        }
      ]
    }
  }
}

See also

Advertising: