Information about detected vulnerabilities
The list of vulnerabilities detected during image scans is presented as a table on the Vulnerabilities tab in the image scan results window. For each vulnerability, the following information is provided:
- Vulnerability entry ID (for example, CVE-2025-XXXX or TEMP-XXXXXXX-XXXXXX).
- The vulnerability's severity level based on its risk rating.
If a vulnerability contains an exploit, an exploit icon (
or 
) is displayed next to the severity level. - Installed containerized resource in which the vulnerability was detected.
- Whether a fix for the vulnerability is available from the vendor. The solution shows the version number that has the fix, or indicates that no fix is available.
- Number of accepted risks for this vulnerability. The following values may be displayed:
0means that the risk for the vulnerability was not accepted or the object is outside of the scope of the applicable risk acceptance rules.Nis the number of created risk acceptance rules that resulted in the risk being accepted.
To customize the display of objects in the table, do one of the following:
- Enable or disable the Show only exploits toggle switch. If this toggle switch is enabled, only vulnerabilities with exploits are displayed in the table. If the toggle switch is disabled, the table lists all detected vulnerabilities.
- In the search field above the table, enter the vulnerability entry ID or resource. As a result of the search, the table contains only objects that fully or partially match the search string.
- Click the filter icon (
) and configure the display of objects in the sidebar. You can configure the display of vulnerabilities in the table by the following parameters:- By the existence of an exploit of the vulnerability.
- By severity level or score.
- By the existence of a fix from the vendor.
- By risk acceptance for the vulnerability.
The tags of the applied filters are displayed above the vulnerability table.
You can view the detailed information about a detected vulnerability by clicking the vulnerability entry ID.
This opens the sidebar with the following information about the detected vulnerability:
- Vulnerability entry identifier
- The General information tab displays the following:
- Description of the vulnerability from the vulnerability database. The description is provided in the language of the vulnerabilities database. For example, descriptions of vulnerabilities from the NVD are displayed in English.
- The vulnerability's severity level based on its risk rating.
- If a vulnerability contains an exploit, an exploit icon ( or ) is displayed next to the severity level.
- Installed resource in which the vulnerability was detected.
- Vulnerability severity score based on the CVSS open standard in the NVD, Data Security Threats Database, and RED OS vulnerability databases, the final consolidated vulnerability severity score as well as exploit description (if the vulnerability contains an exploit).
- The Artifacts tab displays detailed information on artifacts for images from registries and the runtime or CI/CD objects and indicates how many artifacts there are.
The block for an image from a registry or runtime shows the following information:
- Image name If autoprofiles were created based on the digest of this image, an autoprofile icon (
) appears next to the image name.
Clicking the image name takes you to the image scan details page.
To view detailed information, you need the rights to view the image scan results.
- Operating system of the image.
- Compliance status of the image: Compliant or Not-compliant.
- Risk rating.
- Date and time of the last time the image was scanned
- Date and time when the vulnerability was first detected in the image.
The block for an object from the CI/CD pipeline shows the following information:
- Artifact and the artifact name.
Clicking the artifact name takes you to the page containing detailed information about the results of scanning objects at the project build stage.
To view detailed information, you need the rights to view the results of scanning objects in CI/CD processes.
- Operating system in which the object was scanned.
- Compliance status of the image: Compliant or Not-compliant.
- Risk rating.
- Date and time of the last object scan
- Date and time when the vulnerability was first detected in the object.
- Timestamp for scanning the object in a CI/CD process.
- Image name If autoprofiles were created based on the digest of this image, an autoprofile icon (
- The Workloads tab displays a list of the pods containing images with the vulnerability and how many of them there are. For each object, the following information is provided:
- Name of the namespace containing the pod in whose image the vulnerability was detected.
If you click the namespace name, the solution will open the namespace's sidebar from the graph.
- Name of the pod in whose image the vulnerability was detected.
If you click the namespace name, the solution will open the pod's sidebar from the graph.
You can download the information about a vulnerability or malware in the .CSV format by clicking Download *.CSV.
- Name of the namespace containing the pod in whose image the vulnerability was detected.
- The Risk acceptance tab displays the following information:
- Risk acceptance date.
- Risk acceptance period.
- Subset.
- Object for which the risk is accepted (for example, repository, image, or artifact).
- Person who initiated risk acceptance.
- Reason for risk acceptance.
The Risk acceptance tab is available if you have rights to view accepted risks.
For each accepted risk, you can do the following:
- Click the
icon to set the duration of the risk acceptance. - Click the
icon to cancel the risk acceptance.
This tab also lets you click the Add risk acceptance button to add a risk acceptance for the vulnerability.
The "Manage risks" rights are required to edit the risk acceptance settings.