OpenShift Request For Enhancement / RFE-4411

Add an API Endpoint which reports the first tag or digest in a repository which fixed a given vulnerability

Details

    • x86_64

    Description

      Given a repository name and a vulnerability (CVE-ID), return the first (in chronological order) tag or digest which fixed that vulnerability, or none if it is not fixed. If the CVE never existed in the repository, also return none, but also some indicator (such as an error message) that it never existed.

      This would allow Security Scanners to tell which tag or digest they need to upgrade to in order to fix a vulnerability, reducing the risk of a breaking change, or also providing protection from the given vulnerability.
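The three outcomes requested above (fixed, not fixed, never present) can be sketched as follows. This is an added example, not code from the RFE or from any OpenShift or registry API; the `ScannedImage` record, the `first_fixed` function, the `Status` values and the sample history with placeholder CVE IDs are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime
from enum import Enum


class Status(Enum):
    FIXED = "fixed"                    # a later image no longer reports the CVE
    NOT_FIXED = "not_fixed"            # CVE seen, no later image is free of it
    NEVER_AFFECTED = "never_affected"  # CVE never reported in this repository


@dataclass(frozen=True)
class ScannedImage:          # hypothetical record: one scanned tag or digest
    ref: str                 # tag name or digest
    pushed: datetime         # used for chronological ordering
    cves: frozenset          # CVE IDs the scanner reported for this image


def first_fixed(history, cve_id):
    """Return (Status, ref): the earliest image without cve_id that was
    pushed after at least one image that had it."""
    seen = False
    for image in sorted(history, key=lambda i: i.pushed):
        if cve_id in image.cves:
            seen = True
        elif seen:
            return Status.FIXED, image.ref
    return (Status.NOT_FIXED if seen else Status.NEVER_AFFECTED), None


# Constructed sample data, deliberately out of order; CVE IDs are placeholders.
HISTORY = [
    ScannedImage("1.2", datetime(2023, 3, 20), frozenset({"CVE-0000-0004"})),
    ScannedImage("1.0", datetime(2023, 1, 10),
                 frozenset({"CVE-0000-0001", "CVE-0000-0002"})),
    ScannedImage("1.1", datetime(2023, 2, 14), frozenset({"CVE-0000-0002"})),
]

if __name__ == "__main__":
    for cve in ("CVE-0000-0001", "CVE-0000-0002",
                "CVE-0000-0003", "CVE-0000-0004"):
        status, ref = first_fixed(HISTORY, cve)
        print(f"{cve}: {status.value} {ref or '-'}")
```

Returning a distinct status alongside the empty result lets a scanner tell "no fix available yet" apart from "this repository was never affected", which is the distinction the request asks for.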

          People

            DanielMesser Daniel Messer
            rhn-support-jshepher Jason Shepherd