View images in your environment

See detailed information of every image running in your environment.

With the StackRox Kubernetes Security Platform you can identify and analyze all container images in your environment.

For the StackRox Kubernetes Security Platform version 3.0.42 and newer, we’ve moved the Images view in the Vulnerability Management view. To view details for all the images in your cluster, on the Vulnerability Management view header, select Images. For more information, see the Other views and the View Dockerfile for an image sections of the Manage vulnerabilities topic.

To view the images in your cluster:

  1. Select Images from the left-hand navigation menu.

The Images view lists all images in use in your clusters. The information is in a table with the following columns for every image:

  • Image: the image name
  • Created at: a timestamp indicating the date and the time the image was built
  • Components: the number of components found in the image
  • CVEs: the number of Common Vulnerabilities and Exposures (CVEs) found in the image
  • Fixable CVEs: the number of CVEs that could be fixed by updating a component to a new version

Click on the heading of each column to sort the images in ascending or descending order.

When you select one of the images from the Images view, an image details panel opens on the right that shows detailed information for the selected image.

Image details panel

Image details panel
Image details panel

The panel that displays for each image includes the following information:

  • Last scan time: the time the image was last scanned for components and vulnerabilities
  • Digest: the cryptographic digest that identifies the image
  • Components: the number of components found in the image
  • CVEs: the number of Common Vulnerabilities and Exposures (CVEs) found in the image

To understand your exposures:

  • Select View Deployments to see where affected images are deployed, or
  • Select View Dockerfile to see layer-by-layer components and vulnerabilities

The CVEs section lists package names, package version, number of CVEs for the package, and if the vulnerabilities are fixable. For any package with more than one CVE, select the expand icon (▶) to view all applicable CVEs. After you expand, you get details about the CVEs, their Common Vulnerability Scoring System (CVSS) score, and the package version number in which the CVEs are fixed.

The StackRox Kubernetes Security Platform version 2.5.32.0 and newer includes support for CVSS version 3. For more details, see Vulnerability scores.

  • If a CVSS v3 score is available, it’s shown under the CVSS column. For example, 6.5 (v3).
  • There is no version information listed under the CVSS column for CVSS version 2.
  • You can use the API to get the CVSS v2 information. If CVSS v3 information is available for a particular CVE, the response includes both CVSS v3 and CVSS v2 information.
  • CVSS v3 scores are only available if you’re using StackRox Scanner version 1.3.5 and newer.

Dockerfile panel

The panel that opens when you click the View Dockerfile button shows the following information:

  • Instruction: the Dockerfile instruction used to create each image layer, like ENV or RUN
  • Value: the details of how the instruction was used, for example, the command executed in a RUN statement
  • Created: a timestamp that shows the date and time each image layer was built
  • Components: the number of components found in each image layer
  • CVEs: the number of Common Vulnerabilities and Exposures (CVEs) found in each image layer

Select the expand icon (▶) to view component and vulnerability details for a layer.

Image Dockerfile Panel
Image Dockerfile Panel

Filtering

To show images for a particular image registry, add a filter. For example, Image Registry: docker.io shows all images from Docker Hub.

Image filtering
Image filtering

Questions?

We're happy to help! Reach out to us to discuss questions, issues, or feature requests.

© 2021 StackRox Inc. All rights reserved.