查询镜像漏洞结果
更新时间:2026-06-09
接口描述
查询针对指定镜像Tag的扫描包含的漏洞结果。
API Explorer
去调试
您可以在 API Explorer 中直接运行该接口,免去您计算签名的困扰。运行成功后,API Explorer 可以自动生成 SDK 代码示例。
请求结构
Plain Text
1GET /v1/instances/{instanceId}/projects/{projectName}/repositories/{repositoryName}/tags/{tagName}/scanoverview?pageNo={pageNo}&pageSize={pageSize} HTTP/1.1
2Host: ccr.bd.baidubce.com
3Authorization: authorization string请求头域
除公共头域外,无其它特殊头域。
请求参数
| 参数名称 | 类型 | 是否必需 | 参数位置 | 描述 |
|---|---|---|---|---|
| instanceId | String | 是 | URL参数 | CCR实例ID |
| projectName | String | 是 | URL参数 | 命名空间名称 |
| repositoryName | String | 是 | URL参数 | 镜像仓库名称 |
| tagName | String | 是 | URL参数 | Tag名称 |
| pageNo | Integer | 否 | Query参数 | 当前页 |
| pageSize | Integer | 否 | Query参数 | 每页记录数 |
响应头域
除公共头域外,无其它特殊头域。
响应参数
| 参数名称 | 类型 | 描述 |
|---|---|---|
| items | List<ArtifactScanOverview> | 漏洞扫描结果列表 |
| lastScanTime | String | 最近一次扫描时间 |
| pageNo | Integer | 当前页,默认为1 |
| pageSize | Integer | 每页记录数,默认为10 |
| summary | Object | 不同严重程度的漏洞数量 |
| total | Integer | 漏洞总数 |
请求示例
Plain Text
1GET /v1/instances/ccr-4k74gw7d/projects/ns-test/repositories/ubuntu/tags/18.051/scanoverview HTTP/1.1
2Host: ccr.bd.baidubce.com
3Authorization: bce-auth-v1/123456/2022-08-01T13:07:36Z/1800/host/0a859ce949951fe15a4eb6874a9765f9e8a6f7147f206cf47e270c34c862b8c6响应示例
Plain Text
1HTTP/1.1 200 OK
2Content-Type: application/json; charset=utf-8
3Date: Mon, 01 Aug 2022 13:07:37 GMT
4X-Bce-Gateway-Region: BJ
5X-Bce-Request-Id: 0dba647a-57ae-496d-b409-b9a25e2613c2
6
7{
8 "total": 209,
9 "pageNo": 1,
10 "pageSize": 10,
11 "summary": {
12 "High": 8,
13 "Low": 103,
14 "Medium": 98
15 },
16 "items": [
17 {
18 "id": "CVE-2019-17567",
19 "package": "apache2-utils",
20 "version": "2.4.29-1ubuntu4.13",
21 "fixVersion": "",
22 "severity": "Medium",
23 "description": "Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured.",
24 "links": [
25 "https://avd.aquasec.com/nvd/cve-2019-17567"
26 ]
27 },
28 {
29 "id": "CVE-2021-26691",
30 "package": "apache2-utils",
31 "version": "2.4.29-1ubuntu4.13",
32 "fixVersion": "2.4.29-1ubuntu4.16",
33 "severity": "Medium",
34 "description": "In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow",
35 "links": [
36 "https://avd.aquasec.com/nvd/cve-2021-26691"
37 ]
38 },
39 {
40 "id": "CVE-2021-30641",
41 "package": "apache2-utils",
42 "version": "2.4.29-1ubuntu4.13",
43 "fixVersion": "2.4.29-1ubuntu4.16",
44 "severity": "Medium",
45 "description": "Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'",
46 "links": [
47 "https://avd.aquasec.com/nvd/cve-2021-30641"
48 ]
49 },
50 {
51 "id": "CVE-2021-40438",
52 "package": "apache2-utils",
53 "version": "2.4.29-1ubuntu4.13",
54 "fixVersion": "2.4.29-1ubuntu4.18",
55 "severity": "Medium",
56 "description": "A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.",
57 "links": [
58 "https://avd.aquasec.com/nvd/cve-2021-40438"
59 ]
60 }
61 ],
62 "lastScanTime": "2022-08-01T14:15:17.329Z"
63}评价此篇文章