pluggable-scanner-spec icon indicating copy to clipboard operation
pluggable-scanner-spec copied to clipboard

Published 20 hours ago verified publisher icon goharbor

Add more attributes to vulnerabilities

Open stonezdj opened this issue 1 year ago • 0 comments

Current only package is defined as the attribute to vulnerability items, As scanner users, they'd like to know which binary and which layer are impacted by the vulnerability. Suggest to add two optional attribute to vulnerability item in the spec

     "binary": "/harbor/harbor_jobservice",
      "layer": {
        "digest": "sha256:1cfaf5c6f756207bc4607d40ddd440bd2bfa7ab455b2c3015ccf56d85cd1377b",
        "diff_id": "sha256:c2ddc1bc2645ab5d982c60434d8bbc6aecee1bd4e8eee0df7fd08c96df2d58bb"
      },

stonezdj avatar May 31 '23 07:05 stonezdj