The container image is matched against known vulnerabilities in the National Vulnerability Database. Based on your configured Kubernetes policy, you can view security vulnerabilities, discover the availability of a fix for that vulnerability, and schedule patches or updates.

Procedure

  1. On the left navigation pane, click Harden > Vulnerabilities.
  2. Click the Container Images tab.

    The default severity filter is Critical. To view all vulnerabilities regardless of their severity, click All.

    By default, you can see vulnerabilities for all the containers images that are scanned using the CLI Client. To filter vulnerabilities that are only running in the Kubernetes environment, select the Running in Kubernetes checkbox on the top right.

  3. Double-click a row or click the arrow Right arrow icon at the right of the row to view the Vulnerability Details panel.
    Vulnerability Details panel on the Vulnerabilities/Container Images page

    In this panel, you can:

    • Click the link Link icon icon next to Images to open the Affected Images tab of the Vulnerability panel.
    • Click the link Link icon icon next to Workloads to open the Affected K8s Workloads tab of the Vulnerability panel.
    • Click the link Link icon icon next to the Risk category to open the Overview tab on the Vulnerability panel.

      Overview tab in the Vulnerability panel

    • Click the vulnerability reference tag or National Vulnerability Database to open a relevant external web page.

    See View a Container Image Scan Report - Vulnerability Details.