Get image report
GET {{baseUrl}}/reports/:repository/:image/:tag
Returns a vulnerability report for the specified image.
Requires BASIC [16] user permissions. See Permissions.
RESPONSES
status: OK
{"os_release_name":"16.04.2 LTS (Xenial Xerus)","malware":[{"file":"/20131116130541_http___198_2_192_204_22_disknyp","type":"ELF32","md5":"c92129fc230bacd113530fee254fc2b6","sha256":"sha256:60e24cb19a3cfdc88712f3511adfde242abff3c1915b34eeb19dd7cc72380df2"},{"file":"/20131103183232_http___61_132_227_111_8080_meimei","type":"ELF32","md5":"27072fd3a3cedaeed8cfebf29b9ed73f","sha256":"sha256:a8cd37210dea08880122c360cd096eda872f443c3dd39e498b2695955a3e0ad7"},{"file":"/20131116163507_http___198_2_192_204_22_disknyp","type":"ELF32","md5":"c92129fc230bacd113530fee254fc2b6","sha256":"sha256:60e24cb19a3cfdc88712f3511adfde242abff3c1915b34eeb19dd7cc72380df2"}],"sha256":"sha256:f708f91abdec052d05a46213815540616d24627b6af9cb3668484efb017969bf","os":"LINUX_UBUNTU","risk_score":10,"findings":[{"nvdFinding":{"cve":"CVE-2018-0494","description":"2018/05/09","published_date":"2018/05/09","modified_date":"It was discovered that Wget incorrectly handled certain inputs. An\nattacker could possibly use this to inject arbitrary cookie values.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.","cvss_score":"4.3","access_vector":"Network","access_complexity":"Medium","auth":"None required","availability_impact":"None","confidentiality_impact":"None","integrity_impact":"Partial","cwe":"CWE-20","cpe":["p-cpe:/a:canonical:ubuntu_linux:wget"],"remediation":"Update the affected wget package.","references":["USN:3643-1"]},"packages":[{"name":"wget","version":"1.17.1-1ubuntu1.2","type":"linux"}]},{"nvdFinding":{"cve":"CVE-2017-15670","description":"2018/01/17","published_date":"2018/01/17","modified_date":"It was discovered that the GNU C library did not properly handle all\nof the possible return values from the kernel getcwd(2) syscall. 
A\nlocal attacker could potentially exploit this to execute arbitrary\ncode in setuid programs and gain administrative privileges.\n(CVE-2018-1000001)\n\nA memory leak was discovered in the _dl_init_paths() function in the\nGNU C library dynamic loader. A local attacker could potentially\nexploit this with a specially crafted value in the LD_HWCAP_MASK\nenvironment variable, in combination with CVE-2017-1000409 and another\nvulnerability on a system with hardlink protections disabled, in order\nto gain administrative privileges. (CVE-2017-1000408)\n\nA heap-based buffer overflow was discovered in the _dl_init_paths()\nfunction in the GNU C library dynamic loader. A local attacker could\npotentially exploit this with a specially crafted value in the\nLD_LIBRARY_PATH environment variable, in combination with\nCVE-2017-1000408 and another vulnerability on a system with hardlink\nprotections disabled, in order to gain administrative privileges.\n(CVE-2017-1000409)\n\nAn off-by-one error leading to a heap-based buffer overflow was\ndiscovered in the GNU C library glob() implementation. An attacker\ncould potentially exploit this to cause a denial of service or execute\narbitrary code via a maliciously crafted pattern. (CVE-2017-15670)\n\nA heap-based buffer overflow was discovered during unescaping of user\nnames with the ~ operator in the GNU C library glob() implementation.\nAn attacker could potentially exploit this to cause a denial of\nservice or execute arbitrary code via a maliciously crafted pattern.\n(CVE-2017-15804)\n\nIt was discovered that the GNU C library dynamic loader mishandles\nRPATH and RUNPATH containing $ORIGIN for privileged (setuid or\nAT_SECURE) programs. A local attacker could potentially exploit this\nby providing a specially crafted library in the current working\ndirectory in order to gain administrative privileges. 
(CVE-2017-16997)\n\nIt was discovered that the GNU C library malloc() implementation could\nreturn a memory block that is too small if an attempt is made to\nallocate an object whose size is close to SIZE_MAX, resulting in a\nheap-based overflow. An attacker could potentially exploit this to\ncause a denial of service or execute arbitrary code. This issue only\naffected Ubuntu 17.10. (CVE-2017-17426).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.","cvss_score":"7.5","access_vector":"Network","access_complexity":"Medium","auth":"None required","availability_impact":"Complete","confidentiality_impact":"Complete","integrity_impact":"Complete","cwe":"CWE-119","cpe":["p-cpe:/a:canonical:ubuntu_linux:libc6"],"remediation":"Update the affected libc6 package.","references":["USN:3534-1"]},"packages":[{"name":"libc6","version":"2.23-0ubuntu9","type":"linux"}]},{"nvdFinding":{"cve":"CVE-2017-13089","description":"2017/10/26","published_date":"2017/10/26","modified_date":"Antti Levomäki, Christian Jalio, and Joonas Pihlaja discovered that\nWget incorrectly handled certain HTTP responses. A remote attacker\ncould use this issue to cause Wget to crash, resulting in a denial of\nservice, or possibly execute arbitrary code. (CVE-2017-13089,\nCVE-2017-13090)\n\nDawid Golunski discovered that Wget incorrectly handled recursive or\nmirroring mode. A remote attacker could possibly use this issue to\nbypass intended access list restrictions. (CVE-2016-7098)\n\nOrange Tsai discovered that Wget incorrectly handled CRLF sequences in\nHTTP headers. A remote attacker could possibly use this issue to\ninject arbitrary HTTP headers. (CVE-2017-6508).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.","cvss_score":"9.3","access_vector":"Network","access_complexity":"Medium","auth":"None required","availability_impact":"Complete","confidentiality_impact":"Complete","integrity_impact":"Complete","cwe":"CWE-119","cpe":["p-cpe:/a:canonical:ubuntu_linux:wget"],"remediation":"Update the affected wget package.","references":["USN:3464-1"]},"packages":[{"name":"wget","version":"1.17.1-1ubuntu1.2","type":"linux"}]}],"os_version":"16.04","created_at":"2018-12-31T17:07:34.556Z","installed_packages":[{"name":"dpkg","version":"1.18.4ubuntu1.2","type":"linux"},{"name":"ubuntu-keyring","version":"2012.05.19","type":"linux"},{"name":"libssl1.0.0","version":"1.0.2g-1ubuntu4.8","type":"linux"},{"name":"libcap2-bin","version":"1:2.24-12","type":"linux"},{"name":"liblz4-1","version":"0.0~r131-2ubuntu2","type":"linux"}],"platform":"docker","image_name":"ubuntu","updated_at":"2019-12-31T11:04:20.301Z","digest":"f708f91abdec052d05a46213815540616d24627b6af9cb3668484efb017969bf","tag":"infected","potentially_unwanted_programs":[],"docker_image_id":"4013750e4cd5","os_architecture":"AMD64"}
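
An added example (not part of the API documentation above) showing how a CI gate might consume this response. The function name `gate`, the 7.0 threshold and the digests in the trimmed sample are assumptions made for illustration. It reads only `cvss_score`, `cve`, `remediation`, `packages` and `malware`, because in the sample response `description` carries a date and `modified_date` carries the advisory text.

```python
import json

# Constructed sample: the response above trimmed to the fields used here.
# Digests are placeholders; files 1 and 3 share a digest, as in the page's sample.
SAMPLE = json.loads("""
{"image_name": "ubuntu", "tag": "infected", "risk_score": 10,
 "malware": [
  {"file": "/20131116130541_http___198_2_192_204_22_disknyp", "sha256": "sha256:aaaa"},
  {"file": "/20131103183232_http___61_132_227_111_8080_meimei", "sha256": "sha256:bbbb"},
  {"file": "/20131116163507_http___198_2_192_204_22_disknyp", "sha256": "sha256:aaaa"}],
 "findings": [
  {"nvdFinding": {"cve": "CVE-2018-0494", "cvss_score": "4.3",
                  "remediation": "Update the affected wget package."},
   "packages": [{"name": "wget", "version": "1.17.1-1ubuntu1.2", "type": "linux"}]},
  {"nvdFinding": {"cve": "CVE-2017-15670", "cvss_score": "7.5",
                  "remediation": "Update the affected libc6 package."},
   "packages": [{"name": "libc6", "version": "2.23-0ubuntu9", "type": "linux"}]},
  {"nvdFinding": {"cve": "CVE-2017-13089", "cvss_score": "9.3",
                  "remediation": "Update the affected wget package."},
   "packages": [{"name": "wget", "version": "1.17.1-1ubuntu1.2", "type": "linux"}]}]}
""")


def gate(report, max_cvss=7.0):
    """Return the reasons this image should be blocked (empty list = pass)."""
    reasons = []
    # The same binary can be reported under several paths; count unique digests.
    digests = {m["sha256"] for m in report.get("malware", [])}
    if digests:
        reasons.append(f"malware: {len(digests)} unique binaries")
    for finding in report.get("findings", []):
        nvd = finding["nvdFinding"]
        score = float(nvd["cvss_score"])  # serialized as a string in the response
        if score >= max_cvss:
            pkgs = ", ".join(f'{p["name"]} {p["version"]}' for p in finding["packages"])
            reasons.append(f'{nvd["cve"]} (CVSS {score}) in {pkgs}: {nvd["remediation"]}')
    return reasons


if __name__ == "__main__":
    for reason in gate(SAMPLE):
        print("BLOCK:", reason)
```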