gcloud beta container images describe
(Redirected from --show-package-vulnerability)
Jump to navigation
Jump to search
gcloud beta container images describe gcloud container images describe --help
gcloud beta container images describe "$REPOSITORY/$image@$SHA" --show-package-vulnerability --format json | jq '.package_vulnerability_summary.vulnerabilities.CRITICAL | length ')
Examples[edit]
gcloud beta container images describe "eu.gcr.io/project/nginx@sha256:358e251e4fdc3c10c95a254" --show-package-vulnerability discovery_summary: discovery: [] image_summary: digest: sha256:358e251e4fdc3c10c95a254 fully_qualified_digest: eu.gcr.io/project/nginx@sha256:58e251e4fdc3c10c95a254 registry: eu.gcr.io repository: project/nginx package_vulnerability_summary: not_fixed_vulnerability_count: 0 total_vulnerability_found: 0 vulnerabilities: {}
Example with vulnerabilities[edit]
{ "discovery_summary": { "discovery": [ { "createTime": "2022-08-29T15:03:58.530515Z", "discovery": { "analysisStatus": "FINISHED_SUCCESS", "continuousAnalysis": "ACTIVE" }, "kind": "DISCOVERY", "name": "projects/your-project/occurrences/7dc8f0c2-c665-4955-b2ce-7cfe8d107595", "noteName": "projects/goog-analysis/notes/PACKAGE_VULNERABILITY", "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx", "updateTime": "2022-08-29T15:04:14.199537Z" } ] }, "image_summary": { "digest": "sha256:0123456789xxxxx", "fully_qualified_digest": "eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx", "registry": "eu.gcr.io", "repository": "your-project/nginx" }, "package_vulnerability_summary": { "not_fixed_vulnerability_count": 0, "total_vulnerability_found": 17, "vulnerabilities": { "CRITICAL": [ { "createTime": "2022-08-29T15:04:09.198853Z", "kind": "VULNERABILITY", "name": "projects/your-project/occurrences/9074cbfb-1c31-48b1-a47e-42f0d50f822c", "noteName": "projects/goog-vulnz/notes/CVE-2019-2201", "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx", "updateTime": "2022-08-29T15:04:09.198853Z", "vulnerability": { "cvssScore": 9.3, "cvssv3": { "attackComplexity": "ATTACK_COMPLEXITY_LOW", "attackVector": "ATTACK_VECTOR_LOCAL", "availabilityImpact": "IMPACT_HIGH", "baseScore": 7.8, "confidentialityImpact": "IMPACT_HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "IMPACT_HIGH", "privilegesRequired": "PRIVILEGES_REQUIRED_NONE", "scope": "SCOPE_UNCHANGED", "userInteraction": "USER_INTERACTION_REQUIRED" }, "effectiveSeverity": "CRITICAL", "fixAvailable": true, "longDescription": "NIST vectors: AV:N/AC:M/Au:N/C:C/I:C/A:C", "packageIssue": [ { "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "affectedPackage": "libjpeg-turbo", "affectedVersion": { "fullName": "2.0.2-r0", "kind": "NORMAL", "name": "2.0.2", "revision": "r0" }, "effectiveSeverity": "CRITICAL", "fixAvailable": true, "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "fixedPackage": "libjpeg-turbo", "fixedVersion": { "fullName": "2.0.4-r0", "kind": "NORMAL", "name": "2.0.4", "revision": "r0" }, "packageType": "OS" } ], "severity": "CRITICAL", "shortDescription": "CVE-2019-2201" } } ], "HIGH": [ { "createTime": "2022-08-29T15:04:08.186141Z", "kind": "VULNERABILITY", "name": "projects/your-project/occurrences/0bb5da06-b5e2-44dc-9a0b-39254acd0995", "noteName": "projects/goog-vulnz/notes/CVE-2021-3517", "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx", "updateTime": "2022-08-29T15:04:08.186141Z", "vulnerability": { "cvssScore": 7.5, "cvssv3": { "attackComplexity": "ATTACK_COMPLEXITY_LOW", "attackVector": "ATTACK_VECTOR_NETWORK", "availabilityImpact": "IMPACT_HIGH", "baseScore": 8.6, "confidentialityImpact": "IMPACT_LOW", "exploitabilityScore": 3.9, "impactScore": 4.7, "integrityImpact": "IMPACT_LOW", "privilegesRequired": "PRIVILEGES_REQUIRED_NONE", "scope": "SCOPE_UNCHANGED", "userInteraction": "USER_INTERACTION_NONE" }, "effectiveSeverity": "HIGH", "fixAvailable": true, "longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:P/I:P/A:P", "packageIssue": [ { "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "affectedPackage": "libxml2", "affectedVersion": { "fullName": "2.9.9-r2", "kind": "NORMAL", "name": "2.9.9", "revision": "r2" }, "effectiveSeverity": "HIGH", "fixAvailable": true, "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "fixedPackage": "libxml2", "fixedVersion": { "fullName": "2.9.9-r5", "kind": "NORMAL", "name": "2.9.9", "revision": "r5" }, "packageType": "OS" } ], "severity": "HIGH", "shortDescription": "CVE-2021-3517" } } ], "LOW": [ { "createTime": "2022-08-29T15:04:11.596301Z", "kind": "VULNERABILITY", "name": "projects/your-project/occurrences/15dcd9a7-183a-4fcc-a12c-e561ad30c5d1", "noteName": "projects/goog-vulnz/notes/CVE-2019-13627", "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx", "updateTime": "2022-08-29T15:04:11.596301Z", "vulnerability": { "cvssScore": 2.6, "cvssv3": { "attackComplexity": "ATTACK_COMPLEXITY_HIGH", "attackVector": "ATTACK_VECTOR_LOCAL", "availabilityImpact": "IMPACT_NONE", "baseScore": 6.3, "confidentialityImpact": "IMPACT_HIGH", "exploitabilityScore": 1.0, "impactScore": 5.2, "integrityImpact": "IMPACT_HIGH", "privilegesRequired": "PRIVILEGES_REQUIRED_NONE", "scope": "SCOPE_UNCHANGED", "userInteraction": "USER_INTERACTION_REQUIRED" }, "effectiveSeverity": "LOW", "fixAvailable": true, "longDescription": "NIST vectors: AV:L/AC:H/Au:N/C:P/I:P/A:N", "packageIssue": [ { "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "affectedPackage": "libgcrypt", "affectedVersion": { "fullName": "1.8.4-r2", "kind": "NORMAL", "name": "1.8.4", "revision": "r2" }, "effectiveSeverity": "LOW", "fixAvailable": true, "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "fixedPackage": "libgcrypt", "fixedVersion": { "fullName": "1.8.5-r0", "kind": "NORMAL", "name": "1.8.5", "revision": "r0" }, "packageType": "OS" } ], "severity": "LOW", "shortDescription": "CVE-2019-13627" } }, { "createTime": "2022-08-29T15:04:08.977888Z", "kind": "VULNERABILITY", "name": "projects/your-project/occurrences/fb37c640-aea0-459d-a8fd-c3dd3906e87a", "noteName": "projects/goog-vulnz/notes/CVE-2020-28928", "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx", "updateTime": "2022-08-29T15:04:08.977888Z", "vulnerability": { "cvssScore": 2.1, "cvssv3": { "attackComplexity": "ATTACK_COMPLEXITY_LOW", "attackVector": "ATTACK_VECTOR_LOCAL", "availabilityImpact": "IMPACT_HIGH", "baseScore": 5.5, "confidentialityImpact": "IMPACT_NONE", "exploitabilityScore": 1.8, "impactScore": 3.6, "integrityImpact": "IMPACT_NONE", "privilegesRequired": "PRIVILEGES_REQUIRED_LOW", "scope": "SCOPE_UNCHANGED", "userInteraction": "USER_INTERACTION_NONE" }, "effectiveSeverity": "LOW", "fixAvailable": true, "longDescription": "NIST vectors: AV:L/AC:L/Au:N/C:N/I:N/A:P", "packageIssue": [ { "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "affectedPackage": "musl", "affectedVersion": { "fullName": "1.1.22-r3", "kind": "NORMAL", "name": "1.1.22", "revision": "r3" }, "effectiveSeverity": "LOW", "fixAvailable": true, "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "fixedPackage": "musl", "fixedVersion": { "fullName": "1.1.22-r4", "kind": "NORMAL", "name": "1.1.22", "revision": "r4" }, "packageType": "OS" } ], "severity": "LOW", "shortDescription": "CVE-2020-28928" } } ], "MEDIUM": [ { "createTime": "2022-08-29T15:04:10.473028Z", "kind": "VULNERABILITY", "name": "projects/your-project/occurrences/13bc32fd-c5b8-4d6e-9cfc-17ecbb40329b", "noteName": "projects/goog-vulnz/notes/CVE-2019-18197", "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx", "updateTime": "2022-08-29T15:04:10.473028Z", "vulnerability": { "cvssScore": 5.1, "cvssv3": { "attackComplexity": "ATTACK_COMPLEXITY_HIGH", "attackVector": "ATTACK_VECTOR_NETWORK", "availabilityImpact": "IMPACT_HIGH", "baseScore": 7.5, "confidentialityImpact": "IMPACT_HIGH", "exploitabilityScore": 1.6, "impactScore": 5.9, "integrityImpact": "IMPACT_HIGH", "privilegesRequired": "PRIVILEGES_REQUIRED_NONE", "scope": "SCOPE_UNCHANGED", "userInteraction": "USER_INTERACTION_REQUIRED" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "longDescription": "NIST vectors: AV:N/AC:H/Au:N/C:P/I:P/A:P", "packageIssue": [ { "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "affectedPackage": "libxslt", "affectedVersion": { "fullName": "1.1.33-r1", "kind": "NORMAL", "name": "1.1.33", "revision": "r1" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "fixedPackage": "libxslt", "fixedVersion": { "fullName": "1.1.33-r2", "kind": "NORMAL", "name": "1.1.33", "revision": "r2" }, "packageType": "OS" } ], "severity": "MEDIUM", "shortDescription": "CVE-2019-18197" } }, { "createTime": "2022-08-29T15:04:10.216126Z", "kind": "VULNERABILITY", "name": "projects/your-project/occurrences/144f8f03-28d8-483b-a8f9-5cf83c768f36", "noteName": "projects/goog-vulnz/notes/CVE-2020-15999", "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx", "updateTime": "2022-08-29T15:04:10.216126Z", "vulnerability": { "cvssScore": 4.3, "cvssv3": { "attackComplexity": "ATTACK_COMPLEXITY_LOW", "attackVector": "ATTACK_VECTOR_NETWORK", "availabilityImpact": "IMPACT_HIGH", "baseScore": 6.5, "confidentialityImpact": "IMPACT_NONE", "exploitabilityScore": 2.8, "impactScore": 3.6, "integrityImpact": "IMPACT_NONE", "privilegesRequired": "PRIVILEGES_REQUIRED_NONE", "scope": "SCOPE_UNCHANGED", "userInteraction": "USER_INTERACTION_REQUIRED" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "longDescription": "NIST vectors: AV:N/AC:M/Au:N/C:N/I:N/A:P", "packageIssue": [ { "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "affectedPackage": "freetype", "affectedVersion": { "fullName": "2.10.0-r0", "kind": "NORMAL", "name": "2.10.0", "revision": "r0" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "fixedPackage": "freetype", "fixedVersion": { "fullName": "2.10.0-r1", "kind": "NORMAL", "name": "2.10.0", "revision": "r1" }, "packageType": "OS" } ], "severity": "MEDIUM", "shortDescription": "CVE-2020-15999" } }, { "createTime": "2022-08-29T23:07:18.026936Z", "kind": "VULNERABILITY", "name": "projects/your-project/occurrences/297b644c-fd28-4664-9d66-b5fbd0ad3299", "noteName": "projects/goog-vulnz/notes/CVE-2020-13790", "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx", "updateTime": "2022-08-29T23:07:18.026936Z", "vulnerability": { "cvssScore": 5.8, "cvssv3": { "attackComplexity": "ATTACK_COMPLEXITY_LOW", "attackVector": "ATTACK_VECTOR_NETWORK", "availabilityImpact": "IMPACT_HIGH", "baseScore": 8.1, "confidentialityImpact": "IMPACT_HIGH", "exploitabilityScore": 2.8, "impactScore": 5.2, "integrityImpact": "IMPACT_NONE", "privilegesRequired": "PRIVILEGES_REQUIRED_NONE", "scope": "SCOPE_UNCHANGED", "userInteraction": "USER_INTERACTION_REQUIRED" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "longDescription": "NIST vectors: AV:N/AC:M/Au:N/C:P/I:N/A:P", "packageIssue": [ { "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "affectedPackage": "libjpeg-turbo", "affectedVersion": { "fullName": "2.0.2-r0", "kind": "NORMAL", "name": "2.0.2", "revision": "r0" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "fixedPackage": "libjpeg-turbo", "fixedVersion": { "fullName": "2.0.4-r1", "kind": "NORMAL", "name": "2.0.4", "revision": "r1" }, "packageType": "OS" } ], "severity": "MEDIUM", "shortDescription": "CVE-2020-13790" } }, { "createTime": "2022-08-29T15:04:09.511045Z", "kind": "VULNERABILITY", "name": "projects/your-project/occurrences/36df747b-f5ac-4c4f-8640-0d881f165443", "noteName": "projects/goog-vulnz/notes/CVE-2021-28831", "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx", "updateTime": "2022-08-29T15:04:09.511045Z", "vulnerability": { "cvssScore": 5.0, "cvssv3": { "attackComplexity": "ATTACK_COMPLEXITY_LOW", "attackVector": "ATTACK_VECTOR_NETWORK", "availabilityImpact": "IMPACT_HIGH", "baseScore": 7.5, "confidentialityImpact": "IMPACT_NONE", "exploitabilityScore": 3.9, "impactScore": 3.6, "integrityImpact": "IMPACT_NONE", "privilegesRequired": "PRIVILEGES_REQUIRED_NONE", "scope": "SCOPE_UNCHANGED", "userInteraction": "USER_INTERACTION_NONE" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:N/I:N/A:P", "packageIssue": [ { "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "affectedPackage": "busybox", "affectedVersion": { "fullName": "1.30.1-r2", "kind": "NORMAL", "name": "1.30.1", "revision": "r2" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "fixedPackage": "busybox", "fixedVersion": { "fullName": "1.30.1-r5", "kind": "NORMAL", "name": "1.30.1", "revision": "r5" }, "packageType": "OS" } ], "severity": "MEDIUM", "shortDescription": "CVE-2021-28831" } }, { "createTime": "2022-08-29T15:04:11.829970Z", "kind": "VULNERABILITY", "name": "projects/your-project/occurrences/65b7a19e-69da-48ce-a2e1-64df188f44cc", "noteName": "projects/goog-vulnz/notes/CVE-2019-13117", "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx", "updateTime": "2022-08-29T15:04:11.829970Z", "vulnerability": { "cvssScore": 5.0, "cvssv3": { "attackComplexity": "ATTACK_COMPLEXITY_LOW", "attackVector": "ATTACK_VECTOR_NETWORK", "availabilityImpact": "IMPACT_NONE", "baseScore": 7.5, "confidentialityImpact": "IMPACT_HIGH", "exploitabilityScore": 3.9, "impactScore": 3.6, "integrityImpact": "IMPACT_NONE", "privilegesRequired": "PRIVILEGES_REQUIRED_NONE", "scope": "SCOPE_UNCHANGED", "userInteraction": "USER_INTERACTION_NONE" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:P/I:N/A:N", "packageIssue": [ { "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "affectedPackage": "libxslt", "affectedVersion": { "fullName": "1.1.33-r1", "kind": "NORMAL", "name": "1.1.33", "revision": "r1" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "fixedPackage": "libxslt", "fixedVersion": { "fullName": "1.1.33-r3", "kind": "NORMAL", "name": "1.1.33", "revision": "r3" }, "packageType": "OS" } ], "severity": "MEDIUM", "shortDescription": "CVE-2019-13117" } }, { "createTime": "2022-08-29T15:04:12.268580Z", "kind": "VULNERABILITY", "name": "projects/your-project/occurrences/7f6024da-cca4-45de-9644-9aefde690fae", "noteName": "projects/goog-vulnz/notes/CVE-2020-14155", "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx", "updateTime": "2022-08-29T15:04:12.268580Z", "vulnerability": { "cvssScore": 5.0, "cvssv3": { "attackComplexity": "ATTACK_COMPLEXITY_LOW", "attackVector": "ATTACK_VECTOR_NETWORK", "availabilityImpact": "IMPACT_LOW", "baseScore": 5.3, "confidentialityImpact": "IMPACT_NONE", "exploitabilityScore": 3.9, "impactScore": 1.4, "integrityImpact": "IMPACT_NONE", "privilegesRequired": "PRIVILEGES_REQUIRED_NONE", "scope": "SCOPE_UNCHANGED", "userInteraction": "USER_INTERACTION_NONE" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:N/I:N/A:P", "packageIssue": [ { "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "affectedPackage": "pcre", "affectedVersion": { "fullName": "8.43-r0", "kind": "NORMAL", "name": "8.43", "revision": "r0" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "fixedPackage": "pcre", "fixedVersion": { "fullName": "8.43-r1", "kind": "NORMAL", "name": "8.43", "revision": "r1" }, "packageType": "OS" } ], "severity": "MEDIUM", "shortDescription": "CVE-2020-14155" } }, { "createTime": "2022-08-29T15:04:11.717313Z", "kind": "VULNERABILITY", "name": "projects/your-project/occurrences/84ee2281-a769-4e8a-9cbf-93a063bb4ef2", "noteName": "projects/goog-vulnz/notes/CVE-2019-13118", "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx", "updateTime": "2022-08-29T15:04:11.717313Z", "vulnerability": { "cvssScore": 5.0, "cvssv3": { "attackComplexity": "ATTACK_COMPLEXITY_LOW", "attackVector": "ATTACK_VECTOR_NETWORK", "availabilityImpact": "IMPACT_NONE", "baseScore": 7.5, "confidentialityImpact": "IMPACT_HIGH", "exploitabilityScore": 3.9, "impactScore": 3.6, "integrityImpact": "IMPACT_NONE", "privilegesRequired": "PRIVILEGES_REQUIRED_NONE", "scope": "SCOPE_UNCHANGED", "userInteraction": "USER_INTERACTION_NONE" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:P/I:N/A:N", "packageIssue": [ { "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "affectedPackage": "libxslt", "affectedVersion": { "fullName": "1.1.33-r1", "kind": "NORMAL", "name": "1.1.33", "revision": "r1" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "fixedPackage": "libxslt", "fixedVersion": { "fullName": "1.1.33-r3", "kind": "NORMAL", "name": "1.1.33", "revision": "r3" }, "packageType": "OS" } ], "severity": "MEDIUM", "shortDescription": "CVE-2019-13118" } }, { "createTime": "2022-08-29T15:04:07.821209Z", "kind": "VULNERABILITY", "name": "projects/your-project/occurrences/8ea01410-6451-4750-b66a-287014eb6f82", "noteName": "projects/goog-vulnz/notes/CVE-2020-24977", "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx", "updateTime": "2022-08-29T15:04:07.821209Z", "vulnerability": { "cvssScore": 6.4, "cvssv3": { "attackComplexity": "ATTACK_COMPLEXITY_LOW", "attackVector": "ATTACK_VECTOR_NETWORK", "availabilityImpact": "IMPACT_LOW", "baseScore": 6.5, "confidentialityImpact": "IMPACT_LOW", "exploitabilityScore": 3.9, "impactScore": 2.5, "integrityImpact": "IMPACT_NONE", "privilegesRequired": "PRIVILEGES_REQUIRED_NONE", "scope": "SCOPE_UNCHANGED", "userInteraction": "USER_INTERACTION_NONE" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:P/I:N/A:P", "packageIssue": [ { "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "affectedPackage": "libxml2", "affectedVersion": { "fullName": "2.9.9-r2", "kind": "NORMAL", "name": "2.9.9", "revision": "r2" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "fixedPackage": "libxml2", "fixedVersion": { "fullName": "2.9.9-r4", "kind": "NORMAL", "name": "2.9.9", "revision": "r4" }, "packageType": "OS" } ], "severity": "MEDIUM", "shortDescription": "CVE-2020-24977" } }, { "createTime": "2022-08-29T15:04:09.824398Z", "kind": "VULNERABILITY", "name": "projects/your-project/occurrences/9c687953-b27f-4531-a84a-49046fe33461", "noteName": "projects/goog-vulnz/notes/CVE-2021-36159", "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx", "updateTime": "2022-08-29T15:04:09.824398Z", "vulnerability": { "cvssScore": 6.4, "cvssv3": { "attackComplexity": "ATTACK_COMPLEXITY_LOW", "attackVector": "ATTACK_VECTOR_NETWORK", "availabilityImpact": "IMPACT_HIGH", "baseScore": 9.1, "confidentialityImpact": "IMPACT_HIGH", "exploitabilityScore": 3.9, "impactScore": 5.2, "integrityImpact": "IMPACT_NONE", "privilegesRequired": "PRIVILEGES_REQUIRED_NONE", "scope": "SCOPE_UNCHANGED", "userInteraction": "USER_INTERACTION_NONE" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:P/I:N/A:P", "packageIssue": [ { "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "affectedPackage": "apk-tools", "affectedVersion": { "fullName": "2.10.4-r2", "kind": "NORMAL", "name": "2.10.4", "revision": "r2" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "fixedPackage": "apk-tools", "fixedVersion": { "fullName": "2.10.7-r0", "kind": "NORMAL", "name": "2.10.7", "revision": "r0" }, "packageType": "OS" } ], "severity": "MEDIUM", "shortDescription": "CVE-2021-36159" } }, { "createTime": "2022-08-29T15:04:10.970746Z", "kind": "VULNERABILITY", "name": "projects/your-project/occurrences/c6d1235b-bd30-4468-875c-affc7dbbe007", "noteName": "projects/goog-vulnz/notes/CVE-2019-19956", "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx", "updateTime": "2022-08-29T15:04:10.970746Z", "vulnerability": { "cvssScore": 5.0, "cvssv3": { "attackComplexity": "ATTACK_COMPLEXITY_LOW", "attackVector": "ATTACK_VECTOR_NETWORK", "availabilityImpact": "IMPACT_HIGH", "baseScore": 7.5, "confidentialityImpact": "IMPACT_NONE", "exploitabilityScore": 3.9, "impactScore": 3.6, "integrityImpact": "IMPACT_NONE", "privilegesRequired": "PRIVILEGES_REQUIRED_NONE", "scope": "SCOPE_UNCHANGED", "userInteraction": "USER_INTERACTION_NONE" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:N/I:N/A:P", "packageIssue": [ { "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "affectedPackage": "libxml2", "affectedVersion": { "fullName": "2.9.9-r2", "kind": "NORMAL", "name": "2.9.9", "revision": "r2" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "fixedPackage": "libxml2", "fixedVersion": { "fullName": "2.9.9-r3", "kind": "NORMAL", "name": "2.9.9", "revision": "r3" }, "packageType": "OS" } ], "severity": "MEDIUM", "shortDescription": "CVE-2019-19956" } }, { "createTime": "2022-08-29T15:04:11.132973Z", "kind": "VULNERABILITY", "name": "projects/your-project/occurrences/d058e0cf-cabd-4c5b-bc47-70692c981717", "noteName": "projects/goog-vulnz/notes/CVE-2021-30139", "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx", "updateTime": "2022-08-29T15:04:11.132973Z", "vulnerability": { "cvssScore": 5.0, "cvssv3": { "attackComplexity": "ATTACK_COMPLEXITY_LOW", "attackVector": "ATTACK_VECTOR_NETWORK", "availabilityImpact": "IMPACT_HIGH", "baseScore": 7.5, "confidentialityImpact": "IMPACT_NONE", "exploitabilityScore": 3.9, "impactScore": 3.6, "integrityImpact": "IMPACT_NONE", "privilegesRequired": "PRIVILEGES_REQUIRED_NONE", "scope": "SCOPE_UNCHANGED", "userInteraction": "USER_INTERACTION_NONE" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "longDescription": "NIST vectors: AV:N/AC:L/Au:N/C:N/I:N/A:P", "packageIssue": [ { "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "affectedPackage": "apk-tools", "affectedVersion": { "fullName": "2.10.4-r2", "kind": "NORMAL", "name": "2.10.4", "revision": "r2" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "fixedPackage": "apk-tools", "fixedVersion": { "fullName": "2.10.6-r0", "kind": "NORMAL", "name": "2.10.6", "revision": "r0" }, "packageType": "OS" } ], "severity": "MEDIUM", "shortDescription": "CVE-2021-30139" } }, { "createTime": "2022-08-29T15:04:07.396688Z", "kind": "VULNERABILITY", "name": "projects/your-project/occurrences/d23e70ae-ca3e-46e7-a198-340f794cde4a", "noteName": "projects/goog-vulnz/notes/CVE-2021-3537", "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx", "updateTime": "2022-08-29T15:04:07.396688Z", "vulnerability": { "cvssScore": 4.3, "cvssv3": { "attackComplexity": "ATTACK_COMPLEXITY_HIGH", "attackVector": "ATTACK_VECTOR_NETWORK", "availabilityImpact": "IMPACT_HIGH", "baseScore": 5.9, "confidentialityImpact": "IMPACT_NONE", "exploitabilityScore": 2.2, "impactScore": 3.6, "integrityImpact": "IMPACT_NONE", "privilegesRequired": "PRIVILEGES_REQUIRED_NONE", "scope": "SCOPE_UNCHANGED", "userInteraction": "USER_INTERACTION_NONE" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "longDescription": "NIST vectors: AV:N/AC:M/Au:N/C:N/I:N/A:P", "packageIssue": [ { "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "affectedPackage": "libxml2", "affectedVersion": { "fullName": "2.9.9-r2", "kind": "NORMAL", "name": "2.9.9", "revision": "r2" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "fixedPackage": "libxml2", "fixedVersion": { "fullName": "2.9.9-r5", "kind": "NORMAL", "name": "2.9.9", "revision": "r5" }, "packageType": "OS" } ], "severity": "MEDIUM", "shortDescription": "CVE-2021-3537" } }, { "createTime": "2022-08-29T15:04:08.546833Z", "kind": "VULNERABILITY", "name": "projects/your-project/occurrences/ec3c4e4a-a271-4328-939e-ba2621bc9c9b", "noteName": "projects/goog-vulnz/notes/CVE-2021-3518", "resourceUri": "https://eu.gcr.io/your-project/nginx@sha256:0123456789xxxxx", "updateTime": "2022-08-29T15:04:08.546833Z", "vulnerability": { "cvssScore": 6.8, "cvssv3": { "attackComplexity": "ATTACK_COMPLEXITY_LOW", "attackVector": "ATTACK_VECTOR_NETWORK", "availabilityImpact": "IMPACT_HIGH", "baseScore": 8.8, "confidentialityImpact": "IMPACT_HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "IMPACT_HIGH", "privilegesRequired": "PRIVILEGES_REQUIRED_NONE", "scope": "SCOPE_UNCHANGED", "userInteraction": "USER_INTERACTION_REQUIRED" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "longDescription": "NIST vectors: AV:N/AC:M/Au:N/C:P/I:P/A:P", "packageIssue": [ { "affectedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "affectedPackage": "libxml2", "affectedVersion": { "fullName": "2.9.9-r2", "kind": "NORMAL", "name": "2.9.9", "revision": "r2" }, "effectiveSeverity": "MEDIUM", "fixAvailable": true, "fixedCpeUri": "cpe:/o:alpine:alpine_linux:3.10", "fixedPackage": "libxml2", "fixedVersion": { "fullName": "2.9.9-r5", "kind": "NORMAL", "name": "2.9.9", "revision": "r5" }, "packageType": "OS" } ], "severity": "MEDIUM", "shortDescription": "CVE-2021-3518" } } ] } } }
See also[edit]
gcloud beta [ monitoring | container ]
gcloud container [ clusters | images | get-server-config | subnets ]
Advertising: