gcloud beta container images describe
(Redirected from --show-package-vulnerability)
Jump to navigation
Jump to search
gcloud beta container images describe gcloud container images describe --help
gcloud beta container images describe "$REPOSITORY/$image@$SHA" --show-package-vulnerability --format json | jq '.package_vulnerability_summary.vulnerabilities.CRITICAL | length ')
Examples[edit]
gcloud beta container images describe "eu.gcr.io/project/nginx@sha256:358e251e4fdc3c10c95a254" --show-package-vulnerability discovery_summary: discovery: [] image_summary: digest: sha256:358e251e4fdc3c10c95a254 fully_qualified_digest: eu.gcr.io/project/nginx@sha256:58e251e4fdc3c10c95a254 registry: eu.gcr.io repository: project/nginx package_vulnerability_summary: not_fixed_vulnerability_count: 0 total_vulnerability_found: 0 vulnerabilities: {}
Example with vulnerabilities[edit]
{
"discovery_summary": {
"discovery": [
{
"createTime": "2022-08-29T15:03:58.530515Z",
"discovery": {
"analysisStatus": "FINISHED_SUCCESS",
"continuousAnalysis": "ACTIVE"
},
"kind": "DISCOVERY",
"name": "projects/your-project/occurrences/7dc8f0c2-c665-4955-b2ce-7cfe8d107595",
"noteName": "projects/goog-analysis/notes/PACKAGE_VULNERABILITY",
"resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
"updateTime": "2022-08-29T15:04:14.199537Z"
}
]
},
"image_summary": {
"digest": "sha256:0123456789xxxxx",
"fully_qualified_digest": "eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
"registry": "eu.gcr.io",
"repository": "your-project/nginx"
},
"package_vulnerability_summary": {
"not_fixed_vulnerability_count": 0,
"total_vulnerability_found": 17,
"vulnerabilities": {
"CRITICAL": [
{
"createTime": "2022-08-29T15:04:09.198853Z",
"kind": "VULNERABILITY",
"name": "projects/your-project/occurrences/9074cbfb-1c31-48b1-a47e-42f0d50f822c",
"noteName": "projects/goog-vulnz/notes/CVE-2019-2201",
"resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
"updateTime": "2022-08-29T15:04:09.198853Z",
"vulnerability": {
"cvssScore": 9.3,
"cvssv3": {
"attackComplexity": "ATTACK_COMPLEXITY_LOW",
"attackVector": "ATTACK_VECTOR_LOCAL",
"availabilityImpact": "IMPACT_HIGH",
"baseScore": 7.8,
"confidentialityImpact": "IMPACT_HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "IMPACT_HIGH",
"privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
"scope": "SCOPE_UNCHANGED",
"userInteraction": "USER_INTERACTION_REQUIRED"
},
"effectiveSeverity": "CRITICAL",
"fixAvailable": true,
"longDescription": "NIST vectors: AV:N/AC:M/Au:N/C:C/I:C/A:C",
"packageIssue": [
{
"affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"affectedPackage": "libjpeg-turbo",
"affectedVersion": {
"fullName": "2.0.2-r0",
"kind": "NORMAL",
"name": "2.0.2",
"revision": "r0"
},
"effectiveSeverity": "CRITICAL",
"fixAvailable": true,
"fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"fixedPackage": "libjpeg-turbo",
"fixedVersion": {
"fullName": "2.0.4-r0",
"kind": "NORMAL",
"name": "2.0.4",
"revision": "r0"
},
"packageType": "OS"
}
],
"severity": "CRITICAL",
"shortDescription": "CVE-2019-2201"
}
}
],
"HIGH": [
{
"createTime": "2022-08-29T15:04:08.186141Z",
"kind": "VULNERABILITY",
"name": "projects/your-project/occurrences/0bb5da06-b5e2-44dc-9a0b-39254acd0995",
"noteName": "projects/goog-vulnz/notes/CVE-2021-3517",
"resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
"updateTime": "2022-08-29T15:04:08.186141Z",
"vulnerability": {
"cvssScore": 7.5,
"cvssv3": {
"attackComplexity": "ATTACK_COMPLEXITY_LOW",
"attackVector": "ATTACK_VECTOR_NETWORK",
"availabilityImpact": "IMPACT_HIGH",
"baseScore": 8.6,
"confidentialityImpact": "IMPACT_LOW",
"exploitabilityScore": 3.9,
"impactScore": 4.7,
"integrityImpact": "IMPACT_LOW",
"privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
"scope": "SCOPE_UNCHANGED",
"userInteraction": "USER_INTERACTION_NONE"
},
"effectiveSeverity": "HIGH",
"fixAvailable": true,
"longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:P/I:P/A:P",
"packageIssue": [
{
"affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"affectedPackage": "libxml2",
"affectedVersion": {
"fullName": "2.9.9-r2",
"kind": "NORMAL",
"name": "2.9.9",
"revision": "r2"
},
"effectiveSeverity": "HIGH",
"fixAvailable": true,
"fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"fixedPackage": "libxml2",
"fixedVersion": {
"fullName": "2.9.9-r5",
"kind": "NORMAL",
"name": "2.9.9",
"revision": "r5"
},
"packageType": "OS"
}
],
"severity": "HIGH",
"shortDescription": "CVE-2021-3517"
}
}
],
"LOW": [
{
"createTime": "2022-08-29T15:04:11.596301Z",
"kind": "VULNERABILITY",
"name": "projects/your-project/occurrences/15dcd9a7-183a-4fcc-a12c-e561ad30c5d1",
"noteName": "projects/goog-vulnz/notes/CVE-2019-13627",
"resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
"updateTime": "2022-08-29T15:04:11.596301Z",
"vulnerability": {
"cvssScore": 2.6,
"cvssv3": {
"attackComplexity": "ATTACK_COMPLEXITY_HIGH",
"attackVector": "ATTACK_VECTOR_LOCAL",
"availabilityImpact": "IMPACT_NONE",
"baseScore": 6.3,
"confidentialityImpact": "IMPACT_HIGH",
"exploitabilityScore": 1.0,
"impactScore": 5.2,
"integrityImpact": "IMPACT_HIGH",
"privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
"scope": "SCOPE_UNCHANGED",
"userInteraction": "USER_INTERACTION_REQUIRED"
},
"effectiveSeverity": "LOW",
"fixAvailable": true,
"longDescription": "NIST vectors: AV:L/AC:H/Au:N/C:P/I:P/A:N",
"packageIssue": [
{
"affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"affectedPackage": "libgcrypt",
"affectedVersion": {
"fullName": "1.8.4-r2",
"kind": "NORMAL",
"name": "1.8.4",
"revision": "r2"
},
"effectiveSeverity": "LOW",
"fixAvailable": true,
"fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"fixedPackage": "libgcrypt",
"fixedVersion": {
"fullName": "1.8.5-r0",
"kind": "NORMAL",
"name": "1.8.5",
"revision": "r0"
},
"packageType": "OS"
}
],
"severity": "LOW",
"shortDescription": "CVE-2019-13627"
}
},
{
"createTime": "2022-08-29T15:04:08.977888Z",
"kind": "VULNERABILITY",
"name": "projects/your-project/occurrences/fb37c640-aea0-459d-a8fd-c3dd3906e87a",
"noteName": "projects/goog-vulnz/notes/CVE-2020-28928",
"resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
"updateTime": "2022-08-29T15:04:08.977888Z",
"vulnerability": {
"cvssScore": 2.1,
"cvssv3": {
"attackComplexity": "ATTACK_COMPLEXITY_LOW",
"attackVector": "ATTACK_VECTOR_LOCAL",
"availabilityImpact": "IMPACT_HIGH",
"baseScore": 5.5,
"confidentialityImpact": "IMPACT_NONE",
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"integrityImpact": "IMPACT_NONE",
"privilegesRequired": "PRIVILEGES_REQUIRED_LOW",
"scope": "SCOPE_UNCHANGED",
"userInteraction": "USER_INTERACTION_NONE"
},
"effectiveSeverity": "LOW",
"fixAvailable": true,
"longDescription": "NIST vectors: AV:L/AC:L/Au:N/C:N/I:N/A:P",
"packageIssue": [
{
"affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"affectedPackage": "musl",
"affectedVersion": {
"fullName": "1.1.22-r3",
"kind": "NORMAL",
"name": "1.1.22",
"revision": "r3"
},
"effectiveSeverity": "LOW",
"fixAvailable": true,
"fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"fixedPackage": "musl",
"fixedVersion": {
"fullName": "1.1.22-r4",
"kind": "NORMAL",
"name": "1.1.22",
"revision": "r4"
},
"packageType": "OS"
}
],
"severity": "LOW",
"shortDescription": "CVE-2020-28928"
}
}
],
"MEDIUM": [
{
"createTime": "2022-08-29T15:04:10.473028Z",
"kind": "VULNERABILITY",
"name": "projects/your-project/occurrences/13bc32fd-c5b8-4d6e-9cfc-17ecbb40329b",
"noteName": "projects/goog-vulnz/notes/CVE-2019-18197",
"resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
"updateTime": "2022-08-29T15:04:10.473028Z",
"vulnerability": {
"cvssScore": 5.1,
"cvssv3": {
"attackComplexity": "ATTACK_COMPLEXITY_HIGH",
"attackVector": "ATTACK_VECTOR_NETWORK",
"availabilityImpact": "IMPACT_HIGH",
"baseScore": 7.5,
"confidentialityImpact": "IMPACT_HIGH",
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"integrityImpact": "IMPACT_HIGH",
"privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
"scope": "SCOPE_UNCHANGED",
"userInteraction": "USER_INTERACTION_REQUIRED"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"longDescription": "NIST vectors: AV:N/AC:H/Au:N/C:P/I:P/A:P",
"packageIssue": [
{
"affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"affectedPackage": "libxslt",
"affectedVersion": {
"fullName": "1.1.33-r1",
"kind": "NORMAL",
"name": "1.1.33",
"revision": "r1"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"fixedPackage": "libxslt",
"fixedVersion": {
"fullName": "1.1.33-r2",
"kind": "NORMAL",
"name": "1.1.33",
"revision": "r2"
},
"packageType": "OS"
}
],
"severity": "MEDIUM",
"shortDescription": "CVE-2019-18197"
}
},
{
"createTime": "2022-08-29T15:04:10.216126Z",
"kind": "VULNERABILITY",
"name": "projects/your-project/occurrences/144f8f03-28d8-483b-a8f9-5cf83c768f36",
"noteName": "projects/goog-vulnz/notes/CVE-2020-15999",
"resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
"updateTime": "2022-08-29T15:04:10.216126Z",
"vulnerability": {
"cvssScore": 4.3,
"cvssv3": {
"attackComplexity": "ATTACK_COMPLEXITY_LOW",
"attackVector": "ATTACK_VECTOR_NETWORK",
"availabilityImpact": "IMPACT_HIGH",
"baseScore": 6.5,
"confidentialityImpact": "IMPACT_NONE",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "IMPACT_NONE",
"privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
"scope": "SCOPE_UNCHANGED",
"userInteraction": "USER_INTERACTION_REQUIRED"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"longDescription": "NIST vectors: AV:N/AC:M/Au:N/C:N/I:N/A:P",
"packageIssue": [
{
"affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"affectedPackage": "freetype",
"affectedVersion": {
"fullName": "2.10.0-r0",
"kind": "NORMAL",
"name": "2.10.0",
"revision": "r0"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"fixedPackage": "freetype",
"fixedVersion": {
"fullName": "2.10.0-r1",
"kind": "NORMAL",
"name": "2.10.0",
"revision": "r1"
},
"packageType": "OS"
}
],
"severity": "MEDIUM",
"shortDescription": "CVE-2020-15999"
}
},
{
"createTime": "2022-08-29T23:07:18.026936Z",
"kind": "VULNERABILITY",
"name": "projects/your-project/occurrences/297b644c-fd28-4664-9d66-b5fbd0ad3299",
"noteName": "projects/goog-vulnz/notes/CVE-2020-13790",
"resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
"updateTime": "2022-08-29T23:07:18.026936Z",
"vulnerability": {
"cvssScore": 5.8,
"cvssv3": {
"attackComplexity": "ATTACK_COMPLEXITY_LOW",
"attackVector": "ATTACK_VECTOR_NETWORK",
"availabilityImpact": "IMPACT_HIGH",
"baseScore": 8.1,
"confidentialityImpact": "IMPACT_HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"integrityImpact": "IMPACT_NONE",
"privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
"scope": "SCOPE_UNCHANGED",
"userInteraction": "USER_INTERACTION_REQUIRED"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"longDescription": "NIST vectors: AV:N/AC:M/Au:N/C:P/I:N/A:P",
"packageIssue": [
{
"affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"affectedPackage": "libjpeg-turbo",
"affectedVersion": {
"fullName": "2.0.2-r0",
"kind": "NORMAL",
"name": "2.0.2",
"revision": "r0"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"fixedPackage": "libjpeg-turbo",
"fixedVersion": {
"fullName": "2.0.4-r1",
"kind": "NORMAL",
"name": "2.0.4",
"revision": "r1"
},
"packageType": "OS"
}
],
"severity": "MEDIUM",
"shortDescription": "CVE-2020-13790"
}
},
{
"createTime": "2022-08-29T15:04:09.511045Z",
"kind": "VULNERABILITY",
"name": "projects/your-project/occurrences/36df747b-f5ac-4c4f-8640-0d881f165443",
"noteName": "projects/goog-vulnz/notes/CVE-2021-28831",
"resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
"updateTime": "2022-08-29T15:04:09.511045Z",
"vulnerability": {
"cvssScore": 5.0,
"cvssv3": {
"attackComplexity": "ATTACK_COMPLEXITY_LOW",
"attackVector": "ATTACK_VECTOR_NETWORK",
"availabilityImpact": "IMPACT_HIGH",
"baseScore": 7.5,
"confidentialityImpact": "IMPACT_NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "IMPACT_NONE",
"privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
"scope": "SCOPE_UNCHANGED",
"userInteraction": "USER_INTERACTION_NONE"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:N/I:N/A:P",
"packageIssue": [
{
"affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"affectedPackage": "busybox",
"affectedVersion": {
"fullName": "1.30.1-r2",
"kind": "NORMAL",
"name": "1.30.1",
"revision": "r2"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"fixedPackage": "busybox",
"fixedVersion": {
"fullName": "1.30.1-r5",
"kind": "NORMAL",
"name": "1.30.1",
"revision": "r5"
},
"packageType": "OS"
}
],
"severity": "MEDIUM",
"shortDescription": "CVE-2021-28831"
}
},
{
"createTime": "2022-08-29T15:04:11.829970Z",
"kind": "VULNERABILITY",
"name": "projects/your-project/occurrences/65b7a19e-69da-48ce-a2e1-64df188f44cc",
"noteName": "projects/goog-vulnz/notes/CVE-2019-13117",
"resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
"updateTime": "2022-08-29T15:04:11.829970Z",
"vulnerability": {
"cvssScore": 5.0,
"cvssv3": {
"attackComplexity": "ATTACK_COMPLEXITY_LOW",
"attackVector": "ATTACK_VECTOR_NETWORK",
"availabilityImpact": "IMPACT_NONE",
"baseScore": 7.5,
"confidentialityImpact": "IMPACT_HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "IMPACT_NONE",
"privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
"scope": "SCOPE_UNCHANGED",
"userInteraction": "USER_INTERACTION_NONE"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:P/I:N/A:N",
"packageIssue": [
{
"affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"affectedPackage": "libxslt",
"affectedVersion": {
"fullName": "1.1.33-r1",
"kind": "NORMAL",
"name": "1.1.33",
"revision": "r1"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"fixedPackage": "libxslt",
"fixedVersion": {
"fullName": "1.1.33-r3",
"kind": "NORMAL",
"name": "1.1.33",
"revision": "r3"
},
"packageType": "OS"
}
],
"severity": "MEDIUM",
"shortDescription": "CVE-2019-13117"
}
},
{
"createTime": "2022-08-29T15:04:12.268580Z",
"kind": "VULNERABILITY",
"name": "projects/your-project/occurrences/7f6024da-cca4-45de-9644-9aefde690fae",
"noteName": "projects/goog-vulnz/notes/CVE-2020-14155",
"resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
"updateTime": "2022-08-29T15:04:12.268580Z",
"vulnerability": {
"cvssScore": 5.0,
"cvssv3": {
"attackComplexity": "ATTACK_COMPLEXITY_LOW",
"attackVector": "ATTACK_VECTOR_NETWORK",
"availabilityImpact": "IMPACT_LOW",
"baseScore": 5.3,
"confidentialityImpact": "IMPACT_NONE",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "IMPACT_NONE",
"privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
"scope": "SCOPE_UNCHANGED",
"userInteraction": "USER_INTERACTION_NONE"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:N/I:N/A:P",
"packageIssue": [
{
"affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"affectedPackage": "pcre",
"affectedVersion": {
"fullName": "8.43-r0",
"kind": "NORMAL",
"name": "8.43",
"revision": "r0"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"fixedPackage": "pcre",
"fixedVersion": {
"fullName": "8.43-r1",
"kind": "NORMAL",
"name": "8.43",
"revision": "r1"
},
"packageType": "OS"
}
],
"severity": "MEDIUM",
"shortDescription": "CVE-2020-14155"
}
},
{
"createTime": "2022-08-29T15:04:11.717313Z",
"kind": "VULNERABILITY",
"name": "projects/your-project/occurrences/84ee2281-a769-4e8a-9cbf-93a063bb4ef2",
"noteName": "projects/goog-vulnz/notes/CVE-2019-13118",
"resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
"updateTime": "2022-08-29T15:04:11.717313Z",
"vulnerability": {
"cvssScore": 5.0,
"cvssv3": {
"attackComplexity": "ATTACK_COMPLEXITY_LOW",
"attackVector": "ATTACK_VECTOR_NETWORK",
"availabilityImpact": "IMPACT_NONE",
"baseScore": 7.5,
"confidentialityImpact": "IMPACT_HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "IMPACT_NONE",
"privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
"scope": "SCOPE_UNCHANGED",
"userInteraction": "USER_INTERACTION_NONE"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:P/I:N/A:N",
"packageIssue": [
{
"affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"affectedPackage": "libxslt",
"affectedVersion": {
"fullName": "1.1.33-r1",
"kind": "NORMAL",
"name": "1.1.33",
"revision": "r1"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"fixedPackage": "libxslt",
"fixedVersion": {
"fullName": "1.1.33-r3",
"kind": "NORMAL",
"name": "1.1.33",
"revision": "r3"
},
"packageType": "OS"
}
],
"severity": "MEDIUM",
"shortDescription": "CVE-2019-13118"
}
},
{
"createTime": "2022-08-29T15:04:07.821209Z",
"kind": "VULNERABILITY",
"name": "projects/your-project/occurrences/8ea01410-6451-4750-b66a-287014eb6f82",
"noteName": "projects/goog-vulnz/notes/CVE-2020-24977",
"resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
"updateTime": "2022-08-29T15:04:07.821209Z",
"vulnerability": {
"cvssScore": 6.4,
"cvssv3": {
"attackComplexity": "ATTACK_COMPLEXITY_LOW",
"attackVector": "ATTACK_VECTOR_NETWORK",
"availabilityImpact": "IMPACT_LOW",
"baseScore": 6.5,
"confidentialityImpact": "IMPACT_LOW",
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"integrityImpact": "IMPACT_NONE",
"privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
"scope": "SCOPE_UNCHANGED",
"userInteraction": "USER_INTERACTION_NONE"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:P/I:N/A:P",
"packageIssue": [
{
"affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"affectedPackage": "libxml2",
"affectedVersion": {
"fullName": "2.9.9-r2",
"kind": "NORMAL",
"name": "2.9.9",
"revision": "r2"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"fixedPackage": "libxml2",
"fixedVersion": {
"fullName": "2.9.9-r4",
"kind": "NORMAL",
"name": "2.9.9",
"revision": "r4"
},
"packageType": "OS"
}
],
"severity": "MEDIUM",
"shortDescription": "CVE-2020-24977"
}
},
{
"createTime": "2022-08-29T15:04:09.824398Z",
"kind": "VULNERABILITY",
"name": "projects/your-project/occurrences/9c687953-b27f-4531-a84a-49046fe33461",
"noteName": "projects/goog-vulnz/notes/CVE-2021-36159",
"resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
"updateTime": "2022-08-29T15:04:09.824398Z",
"vulnerability": {
"cvssScore": 6.4,
"cvssv3": {
"attackComplexity": "ATTACK_COMPLEXITY_LOW",
"attackVector": "ATTACK_VECTOR_NETWORK",
"availabilityImpact": "IMPACT_HIGH",
"baseScore": 9.1,
"confidentialityImpact": "IMPACT_HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"integrityImpact": "IMPACT_NONE",
"privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
"scope": "SCOPE_UNCHANGED",
"userInteraction": "USER_INTERACTION_NONE"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:P/I:N/A:P",
"packageIssue": [
{
"affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"affectedPackage": "apk-tools",
"affectedVersion": {
"fullName": "2.10.4-r2",
"kind": "NORMAL",
"name": "2.10.4",
"revision": "r2"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"fixedPackage": "apk-tools",
"fixedVersion": {
"fullName": "2.10.7-r0",
"kind": "NORMAL",
"name": "2.10.7",
"revision": "r0"
},
"packageType": "OS"
}
],
"severity": "MEDIUM",
"shortDescription": "CVE-2021-36159"
}
},
{
"createTime": "2022-08-29T15:04:10.970746Z",
"kind": "VULNERABILITY",
"name": "projects/your-project/occurrences/c6d1235b-bd30-4468-875c-affc7dbbe007",
"noteName": "projects/goog-vulnz/notes/CVE-2019-19956",
"resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
"updateTime": "2022-08-29T15:04:10.970746Z",
"vulnerability": {
"cvssScore": 5.0,
"cvssv3": {
"attackComplexity": "ATTACK_COMPLEXITY_LOW",
"attackVector": "ATTACK_VECTOR_NETWORK",
"availabilityImpact": "IMPACT_HIGH",
"baseScore": 7.5,
"confidentialityImpact": "IMPACT_NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "IMPACT_NONE",
"privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
"scope": "SCOPE_UNCHANGED",
"userInteraction": "USER_INTERACTION_NONE"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:N/I:N/A:P",
"packageIssue": [
{
"affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"affectedPackage": "libxml2",
"affectedVersion": {
"fullName": "2.9.9-r2",
"kind": "NORMAL",
"name": "2.9.9",
"revision": "r2"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"fixedPackage": "libxml2",
"fixedVersion": {
"fullName": "2.9.9-r3",
"kind": "NORMAL",
"name": "2.9.9",
"revision": "r3"
},
"packageType": "OS"
}
],
"severity": "MEDIUM",
"shortDescription": "CVE-2019-19956"
}
},
{
"createTime": "2022-08-29T15:04:11.132973Z",
"kind": "VULNERABILITY",
"name": "projects/your-project/occurrences/d058e0cf-cabd-4c5b-bc47-70692c981717",
"noteName": "projects/goog-vulnz/notes/CVE-2021-30139",
"resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
"updateTime": "2022-08-29T15:04:11.132973Z",
"vulnerability": {
"cvssScore": 5.0,
"cvssv3": {
"attackComplexity": "ATTACK_COMPLEXITY_LOW",
"attackVector": "ATTACK_VECTOR_NETWORK",
"availabilityImpact": "IMPACT_HIGH",
"baseScore": 7.5,
"confidentialityImpact": "IMPACT_NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "IMPACT_NONE",
"privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
"scope": "SCOPE_UNCHANGED",
"userInteraction": "USER_INTERACTION_NONE"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:N/I:N/A:P",
"packageIssue": [
{
"affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"affectedPackage": "apk-tools",
"affectedVersion": {
"fullName": "2.10.4-r2",
"kind": "NORMAL",
"name": "2.10.4",
"revision": "r2"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"fixedPackage": "apk-tools",
"fixedVersion": {
"fullName": "2.10.6-r0",
"kind": "NORMAL",
"name": "2.10.6",
"revision": "r0"
},
"packageType": "OS"
}
],
"severity": "MEDIUM",
"shortDescription": "CVE-2021-30139"
}
},
{
"createTime": "2022-08-29T15:04:07.396688Z",
"kind": "VULNERABILITY",
"name": "projects/your-project/occurrences/d23e70ae-ca3e-46e7-a198-340f794cde4a",
"noteName": "projects/goog-vulnz/notes/CVE-2021-3537",
"resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
"updateTime": "2022-08-29T15:04:07.396688Z",
"vulnerability": {
"cvssScore": 4.3,
"cvssv3": {
"attackComplexity": "ATTACK_COMPLEXITY_HIGH",
"attackVector": "ATTACK_VECTOR_NETWORK",
"availabilityImpact": "IMPACT_HIGH",
"baseScore": 5.9,
"confidentialityImpact": "IMPACT_NONE",
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"integrityImpact": "IMPACT_NONE",
"privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
"scope": "SCOPE_UNCHANGED",
"userInteraction": "USER_INTERACTION_NONE"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"longDescription": "NIST vectors: AV:N/AC:M/Au:N/C:N/I:N/A:P",
"packageIssue": [
{
"affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"affectedPackage": "libxml2",
"affectedVersion": {
"fullName": "2.9.9-r2",
"kind": "NORMAL",
"name": "2.9.9",
"revision": "r2"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"fixedPackage": "libxml2",
"fixedVersion": {
"fullName": "2.9.9-r5",
"kind": "NORMAL",
"name": "2.9.9",
"revision": "r5"
},
"packageType": "OS"
}
],
"severity": "MEDIUM",
"shortDescription": "CVE-2021-3537"
}
},
{
"createTime": "2022-08-29T15:04:08.546833Z",
"kind": "VULNERABILITY",
"name": "projects/your-project/occurrences/ec3c4e4a-a271-4328-939e-ba2621bc9c9b",
"noteName": "projects/goog-vulnz/notes/CVE-2021-3518",
"resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx",
"updateTime": "2022-08-29T15:04:08.546833Z",
"vulnerability": {
"cvssScore": 6.8,
"cvssv3": {
"attackComplexity": "ATTACK_COMPLEXITY_LOW",
"attackVector": "ATTACK_VECTOR_NETWORK",
"availabilityImpact": "IMPACT_HIGH",
"baseScore": 8.8,
"confidentialityImpact": "IMPACT_HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "IMPACT_HIGH",
"privilegesRequired": "PRIVILEGES_REQUIRED_NONE",
"scope": "SCOPE_UNCHANGED",
"userInteraction": "USER_INTERACTION_REQUIRED"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"longDescription": "NIST vectors: AV:N/AC:M/Au:N/C:P/I:P/A:P",
"packageIssue": [
{
"affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"affectedPackage": "libxml2",
"affectedVersion": {
"fullName": "2.9.9-r2",
"kind": "NORMAL",
"name": "2.9.9",
"revision": "r2"
},
"effectiveSeverity": "MEDIUM",
"fixAvailable": true,
"fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10",
"fixedPackage": "libxml2",
"fixedVersion": {
"fullName": "2.9.9-r5",
"kind": "NORMAL",
"name": "2.9.9",
"revision": "r5"
},
"packageType": "OS"
}
],
"severity": "MEDIUM",
"shortDescription": "CVE-2021-3518"
}
}
]
}
}
}
See also[edit]
gcloud beta [ monitoring | container ]gcloud container [ clusters | images | get-server-config | subnets ]
Advertising:
