Search Workloads for Vulnerabilities

POST {{cb_url}}/containers/v1beta/orgs/{{cb_org_key}}/workloads/_search

List workloads with a specific vulnerabilities.

RBAC Permissions Required

Permission (.notation name)Operation(s)
kubernetes.securityREAD

API Documentation

Request Schema

{
    "criteria": {
        "cves": [
            {
                "cve": "<string>",
                "package": "<string>",
                "type": "<string>"
            }
        ],
        "images": [
            "<string>"
        ]
    },
    "query": "<string>",
    "start": 0,
    "rows": 20,
    "sort": [
        {
            "field": "<string>",
            "order": "<string>"
        },
        {
            "field": "<string>",
            "order": "<string>"
        }
    ]
}

Response Schema

{
  "num_found": <integer>,
  "results": [
    {
      "policy": {
        "name": "<string>",
        "policy_id": "<string>"
      },
      "risk": {
        "score": <float>,
        "severity": {}
      },
      "scopes": [
        {
          "policy_name": "<string>",
          "scope_id": "<string>"
        }
      ],
      "cluster": "<string>",
      "kind": "<string>",
      "name": "<string>",
      "namespace": "<string>"
    },
    {
      "policy": {
        "name": "<string>",
        "policy_id": "<string>"
      },
      "risk": {
        "score": <float>,
        "severity": {}
      },
      "scopes": [
        {
          "policy_name": "<string>",
          "scope_id": "<string>"
        }
      ],
      "cluster": "<string>",
      "kind": "<string>",
      "name": "<string>",
      "namespace": "<string>"
    }
  ]
}

Request Body

{"criteria"=>{"cves"=>[{"cve"=>"ALAS-2021-1722", "package"=>"nspr", "type"=>"rpm"}]}, "query"=>"", "start"=>0, "rows"=>20, "sort"=>[{"field"=>"vulnerabilities", "order"=>"DESC"}]}

HEADERS

KeyDatatypeRequiredDescription
Content-Typestring
Acceptstring

RESPONSES

status: OK

&quot;{\n    \&quot;num_found\&quot;: 1,\n    \&quot;results\&quot;: [\n        {\n            \&quot;cluster\&quot;: \&quot;testcluster\&quot;,\n            \&quot;container_images\&quot;: [\n                {\n                    \&quot;full_tag\&quot;: \&quot;fulltag/demo.container\&quot;,\n                    \&quot;manifest_digest\&quot;: \&quot;sha256:1234asdfrtyu876543fb228e8d5f9cea9311a12b0b7d884b9e1dc7665aad83047b\&quot;,\n                    \&quot;registry\&quot;: \&quot;123456789123.demo.org.host.company.com\&quot;,\n                    \&quot;repo\&quot;: \&quot;demo-repo\&quot;,\n                    \&quot;repo_digests\&quot;: [\n                        \&quot;\&quot;\n                    ],\n                    \&quot;tag\&quot;: \&quot;v1.2.3-demobuild.1\&quot;\n                }\n            ],\n            \&quot;enforcements\&quot;: 0,\n            \&quot;kind\&quot;: \&quot;DaemonSet\&quot;,\n            \&quot;name\&quot;: \&quot;aws-node\&quot;,\n            \&quot;namespace\&quot;: \&quot;kube-system\&quot;,\n            \&quot;policy\&quot;: {\n                \&quot;name\&quot;: \&quot;demo policy\&quot;,\n                \&quot;policy_id\&quot;: \&quot;1a2b3456-ce51-4569-94a1-defa909e1615\&quot;\n            },\n            \&quot;risk\&quot;: {\n                \&quot;score\&quot;: 9,\n                \&quot;severity\&quot;: \&quot;high\&quot;\n            },\n            \&quot;scopes\&quot;: [\n                {\n                    \&quot;policy_id\&quot;: \&quot;1a2b3456-ce51-4569-94a1-defa909e1615\&quot;,\n                    \&quot;policy_name\&quot;: \&quot;demo policy\&quot;,\n                    \&quot;scope_id\&quot;: \&quot;9876543a-a607-4377-8ca3-d1020ad8fb85\&quot;,\n                    \&quot;scope_name\&quot;: \&quot;demo-scope\&quot;\n                },\n            ],\n            \&quot;violations\&quot;: 0\n        }\n    ]\n}&quot;