Container Vulnerability

Get Container Vulnerability Information for a customer in PDF/JSON/CSV format

Get Container Vulnerability Information

GET https://k2io.net/centralmanager/api/v1/download/containervulnerability/{K2_CUSTOMER_ID}

This endpoint allows you to get container vulnerability information for a customer. Note - In case you're using K2 On-Premises Portal then replace https://k2io.net in the API with elastic IP address of your K2 On-Premises Cluster.

Path Parameters

Name	Type	Description
K2_CUSTOMER_ID	integer	customerId For e.g. 533, can be obtained from User Profile on K2 Portal.

Query Parameters

Name	Type	Description
nodeId	string	Filter field to get vulnerability info of particular node(nodeId unqiuely identified by agent) For e.g. b08c857e-7daf-11eb-81e8-4f46643657f7.
startTime	integer	startTime of the vulnerability(time duration field in milliseconds) For e.g. 1619503221323.
endTime	integer	endTime of the vulnerability(time duration field in milliseconds) For e.g. 1631691905000.
fileType	string	download file type(csv,pdf,json) For e.g. csv.
cveType	string	Filter field to get vulnerability info of particular cve type. This is comma separated values For e.g. 'CVE-2021-3326%20on%20Ubuntu%2018.04% 20LTS%20%28bionic%29%20-% 20low.%2CCVE-2021-27645%20on%20Ubuntu%2016.04 %20LTS%20%28xenial%29%20-%20medium'
severityType	string	Filter field to get vulnerability info of particular severity level. This is comma separated values For e.g. CRITICAL%2CHIGH.
imageId	string	Filter field to get vulnerability info of particular docker image(imageId) For e.g. '8098427760333584225c96d7064de7ad 4a3231aa89b779c720833f84dcdc5017'.

Headers

Name	Type	Description
K2_API_ACCESSOR_TOKEN	string	K2 API Accessor token obtained from Accounts sections of K2 Portal for e.g. 5b2bf1fa-f4e1-daf9-a787-bd5eXXXXXXXX

200 Container Vulnerability successfully retrieved.

{
    "data": [
        {
            "cve": "CVE-2021-20193 on Ubuntu 16.04 LTS (xenial) - low.",
            "description": "[Memory leak in read_header() in list.c]",
            "severity": "LOW",
            "links": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193 http://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-20193.html https://savannah.gnu.org/bugs/?59897 https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980525",
            "application": "tar1.28-2.1ubuntu0.2",
            "imageId": "f6f49faac5cf9e9589f3c34821ba2d36fd093e7eb52d5b6cd000ea3dae3698df",
            "customerId": 533,
            "toolId": "clair-2021-03-31 00:00:00+00",
            "lastrunTimestamp": 1617259742697,
            "imageName": "ubuntu:16.04",
            "containerName": "ubuntu",
            "registry": "ubuntu"
        }
    ]
}

401 Firing Request with incorrect K2_API_ACCESSOR_TOKEN

{
  "errors": [
    "Incorrect username/password",
    "Incorrect K2_API_ACCESSOR_TOKEN",
    "User deleted/inactive"
  ],
  "errorType": "K2-Authentication",
  "status": "FAILURE"
}

500 Firing Request without required fields

{
  "errors": [
    "MissingServletRequestParameterException: Required Long parameter 'startTime' is not present"
  ],
  "errorType": "K2-MissingServletRequestParameterException",
  "status": "FAILURE"
}

Query Param Possible Values

cveType

[ "CVE-2017-7526", "CVE-2017-7526 on Ubuntu 14.04 LTS (trusty) - medium.", "CVE-2017-7526 on Ubuntu 16.04 LTS (xenial) - medium.", "CVE-2017-7614 on Ubuntu 14.04 LTS (trusty) - low." ]

severityType

[ "CRITICAL", "HIGH", "LOW", "MEDIUM", "NEGLIGIBLE", "UNKNOWN" ]

cURL Example :

curl --location --request GET 'https://k2io.net/centralmanager/api/v1/download/containervulnerability/${K2_CUSTOMER_ID}?startTime=${START_TIME}&endTime=${END_TIME}&fileType=${FILE_DOWNLOAD_TYPE} --header 'K2_API_ACCESSOR_TOKEN: ${K2_API_ACCESSOR_TOKEN}'

For e.g.

curl --location --request GET 'https://k2io.net/centralmanager/api/v1/download/containervulnerability/533?startTime=0&endTime=1619503221323&fileType=json --header 'K2_API_ACCESSOR_TOKEN: 5b2bf1fa-f4e1-daf9-a787-bd5eXXXXXXXX'

Make sure to use --output flag in curl command and pass output pdf file name when you are using fileType=pdf option.

Sample Responses

Sample Responses returned by container vulnerability API

JSON

{
    "data": [
        {
            "cve": "CVE-2021-20193 on Ubuntu 16.04 LTS (xenial) - low.",
            "description": "[Memory leak in read_header() in list.c]",
            "severity": "LOW",
            "links": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193 http://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-20193.html https://savannah.gnu.org/bugs/?59897 https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980525",
            "application": "tar1.28-2.1ubuntu0.2",
            "imageId": "f6f49faac5cf9e9589f3c34821ba2d36fd093e7eb52d5b6cd000ea3dae3698df",
            "customerId": 533,
            "toolId": "clair-2021-03-31 00:00:00+00",
            "lastrunTimestamp": 1617259742697,
            "imageName": "ubuntu:16.04",
            "containerName": "ubuntu",
            "registry": "ubuntu"
        }
    ]
}

CSV

CSV Response for Container Vulnerability API

PDF

PDF Response for Container Vulnerability API

Accessing Container Vulnerability API Data On K2 Portal

You can access the data reported by Container Vulnerability View on K2 Portal by using below link.

Use Advanced Filter and get filtered data.

Container Vulnerability | K2 Portal