← Back to index Esc
Kind
ClusterVulnerabilityReport
Group
aquasecurity.github.io
Version
v1alpha1
apiVersion: aquasecurity.github.io/v1alpha1 kind: ClusterVulnerabilityReport metadata: name: example
View raw schema
apiVersion string
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kind string
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadata object
report object required
Report is the actual vulnerability report data.
artifact object required
Artifact represents a standalone, executable package of software that includes everything needed to run an application.
digest string
Digest is a unique and immutable identifier of an Artifact.
mimeType string
MimeType represents a type and format of an Artifact.
repository string
Repository is the name of the repository in the Artifact registry.
tag string
Tag is a mutable, human-readable string used to identify an Artifact.
os object required
OS information of the artifact
eosl boolean
Eosl is true if OS version has reached end of service life
family string
Operating System Family
name string
Name or version of the OS
registry object
Registry is the registry the Artifact was pulled from.
server string
Server the FQDN of registry server.
scanner object required
Scanner is the scanner that generated this report.
name string required
Name the name of the scanner.
vendor string required
Vendor the name of the vendor providing the scanner.
version string required
Version the version of the scanner.
summary object required
Summary is a summary of Vulnerability counts grouped by Severity.
criticalCount integer required
CriticalCount is the number of vulnerabilities with Critical Severity.
minimum: 0
highCount integer required
HighCount is the number of vulnerabilities with High Severity.
minimum: 0
lowCount integer required
LowCount is the number of vulnerabilities with Low Severity.
minimum: 0
mediumCount integer required
MediumCount is the number of vulnerabilities with Medium Severity.
minimum: 0
noneCount integer
NoneCount is the number of packages without any vulnerability.
minimum: 0
unknownCount integer required
UnknownCount is the number of vulnerabilities with unknown severity.
minimum: 0
updateTimestamp string required
UpdateTimestamp is a timestamp representing the server time in UTC when this report was updated.
format: date-time
vulnerabilities []object required
Vulnerabilities is a list of operating system (OS) or application software Vulnerability items found in the Artifact.
class string
cvss object
cvsssource string
description string
fixedVersion string required
FixedVersion indicates the version of the Resource in which this vulnerability has been fixed.
installedVersion string required
InstalledVersion indicates the installed version of the Resource.
lastModifiedDate string required
LastModifiedDate indicates the last date CVE has been modified.
links []string
packagePURL string
packagePath string
packageType string
primaryLink string
publishedDate string required
PublishedDate indicates the date of published CVE.
resource string required
Resource is a vulnerable package, application, or library.
score number
severity string required
Severity level of a vulnerability or a configuration audit check.
enum: CRITICAL, HIGH, MEDIUM, LOW, UNKNOWN
target string
title string required
vulnerabilityID string required
VulnerabilityID the vulnerability identifier.
Copied!