Within an image report, the vulnerabilities tab includes a detailed list of known vulnerabilities found in the container image and can assist in prioritizing and resolving these security issues.
TABLE OF CONTENTS
Accessing The Image Report
The Vulnerabilities tab can be accessed from the Image Report under Aqua Wave Image Scanning.
- Locate and view the Image Report as described in Image Report Overview
- Navigate to the Vulnerabilities tab and view the report
The vulnerabilities tab provides an at-a-glance view of known vulnerabilities discovered by the Image Scanning job. The view is ordered by vulnerability (CVE) name by default. The list may also be sorted by other fields, such as severity, fixability, and resource name.
Vulnerability Detailed View
Additional information on an individual vulnerability can be found by clicking on each of the following lines in the report.
- Vulnerability Severity and Score
- The vulnerable package and the specific version of that package that includes the vulnerability
- The version of the package that is fixed (If a fix is available)
- Description of the vulnerability
- Link to Aqua Vulnerability Database (AVD), which includes even more information and insights about the vulnerability