search

Container Vulnerability

Get Container Vulnerability Information for a customer in PDF/JSON/CSV format

hashtag
Get Container Vulnerability Information

GET https://k2io.net/centralmanager/api/v1/download/containervulnerability/{K2_CUSTOMER_ID}

This endpoint allows you to get container vulnerability information for a customer. Note - In case you're using K2 On-Premises Portal then replace https://k2io.net in the API with elastic IP address of your K2 On-Premises Cluster.

hashtag
Path Parameters

Name
Type
Description

K2_CUSTOMER_ID

integer

customerId For e.g. 533, can be obtained from User Profile on K2 Portal.

hashtag
Query Parameters

Name
Type
Description

nodeId

string

Filter field to get vulnerability info of particular node(nodeId unqiuely identified by agent) For e.g. b08c857e-7daf-11eb-81e8-4f46643657f7.

startTime

integer

startTime of the vulnerability(time duration field in milliseconds) For e.g. 1619503221323.

endTime

integer

endTime of the vulnerability(time duration field in milliseconds) For e.g. 1631691905000.

fileType

string

download file type(csv,pdf,json) For e.g. csv.

cveType

string

Filter field to get vulnerability info of particular cve type. This is comma separated values For e.g. 'CVE-2021-3326%20on%20Ubuntu%2018.04% 20LTS%20%28bionic%29%20-% 20low.%2CCVE-2021-27645%20on%20Ubuntu%2016.04 %20LTS%20%28xenial%29%20-%20medium'

severityType

string

Filter field to get vulnerability info of particular severity level. This is comma separated values For e.g. CRITICAL%2CHIGH.

imageId

string

Filter field to get vulnerability info of particular docker image(imageId) For e.g. '8098427760333584225c96d7064de7ad 4a3231aa89b779c720833f84dcdc5017'.

hashtag
Headers

Name
Type
Description

K2_API_ACCESSOR_TOKEN

string

K2 API Accessor token obtained from Accounts sections of K2 Portal for e.g. 5b2bf1fa-f4e1-daf9-a787-bd5eXXXXXXXX 

{
    "data": [
        {
            "cve": "CVE-2021-20193 on Ubuntu 16.04 LTS (xenial) - low.",
            "description": "[Memory leak in read_header() in list.c]",
            "severity": "LOW",
            "links": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193 http://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-20193.html https://savannah.gnu.org/bugs/?59897 https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980525",
            "application": "tar1.28-2.1ubuntu0.2",
            "imageId": "f6f49faac5cf9e9589f3c34821ba2d36fd093e7eb52d5b6cd000ea3dae3698df",
            "customerId": 533,
            "toolId": "clair-2021-03-31 00:00:00+00",
            "lastrunTimestamp": 1617259742697,
            "imageName": "ubuntu:16.04",
            "containerName": "ubuntu",
            "registry": "ubuntu"
        }
    ]
}

hashtag
Query Param Possible Values

hashtag
cveType

[ "CVE-2017-7526", "CVE-2017-7526 on Ubuntu 14.04 LTS (trusty) - medium.", "CVE-2017-7526 on Ubuntu 16.04 LTS (xenial) - medium.", "CVE-2017-7614 on Ubuntu 14.04 LTS (trusty) - low." ]

hashtag
severityType

[ "CRITICAL", "HIGH", "LOW", "MEDIUM", "NEGLIGIBLE", "UNKNOWN" ]

hashtag
cURL Example :

For e.g.

circle-exclamation

Make sure to use --output flag in curl command and pass output pdf file name when you are using fileType=pdf option.

hashtag
Sample Responses

Sample Responses returned by container vulnerability API

hashtag
JSON

hashtag
CSV

CSV Response for Container Vulnerability API

hashtag
PDF

PDF Response for Container Vulnerability API

hashtag
Accessing Container Vulnerability API Data On K2 Portal

You can access the data reported by Container Vulnerability View on K2 Portal by using below link.

Use Advanced Filter and get filtered data.

Container Vulnerability | K2 Portalarrow-up-right

PreviousAttacksNextExploitable Vulnerability Scan

Last updated

Was this helpful?