This script will get a list of images in runtime filtered by cluster & namespace (if specified) and then queries the list of vulnrabilities for those images. You can optionally specify a package name such as log4j with the -p command line parameter, this will then only list vulnrabilities relating to that package.
Output report is written to the same directory as you run the script as output.csv and output.json
- python3
- requests
pip3 install requests
Make sure to have 2 environment variables set appropriately
export API_TOKEN="<Your Sysdig Secure API Token>"
export API_ENDPOINT="https://app.au1.sysdig.com"
If you are running this against an on-prem cluster you may need to set:
export API_SSL_VERIFY=false
Look in the cluster lab4, namespace example-voting-app for any vulnerabilities that have the log4j package
python3 sysdig_vuln_package_report.py -c lab4 -n example-voting-app -p log4j
python3 sysdig_vuln_ppackage_report.py -c lab4 -n sock-shop
python3 sysdig_vuln_ppackage_report.py -p log4j
fullTag,imageID,vtype,vuln,vulnURL,package,packageCPE,packageName,packagePath,packageType,severity,fixVersion,lastEvaluated,disclosureDate,solutionDate
docker.io/nestorsalceda/example-voting-app-worker,73666529d5ee968a3f85073a771db84f751b34e67069faa31009cc30887ca088,non-os,VULNDB-259358,https://app.au1.sysdig.com/secure//#/scanning/vulnerabilities/VULNDB-259358,log4j-1.2.12,cpe:/a:-:log4j:1.2.12:-:-,log4j,/root/.m2/repository/log4j/log4j/1.2.12/log4j-1.2.12.jar,java,Critical,2.0-alpha1,1643321173,1623715200,1623715200
docker.io/nestorsalceda/example-voting-app-worker,73666529d5ee968a3f85073a771db84f751b34e67069faa31009cc30887ca088,non-os,VULNDB-220038,https://app.au1.sysdig.com/secure//#/scanning/vulnerabilities/VULNDB-220038,log4j-1.2.12,cpe:/a:-:log4j:1.2.12:-:-,log4j,/root/.m2/repository/log4j/log4j/1.2.12/log4j-1.2.12.jar,java,Critical,2.8.2,1643321173,1576627200,1491350400
docker.io/nestorsalceda/example-voting-app-worker,73666529d5ee968a3f85073a771db84f751b34e67069faa31009cc30887ca088,non-os,VULNDB-279568,https://app.au1.sysdig.com/secure//#/scanning/vulnerabilities/VULNDB-279568,log4j-1.2.12,cpe:/a:-:log4j:1.2.12:-:-,log4j,/root/.m2/repository/log4j/log4j/1.2.12/log4j-1.2.12.jar,java,High,2.0,1643321173,1642377600,1464566400
docker.io/nestorsalceda/example-voting-app-worker,73666529d5ee968a3f85073a771db84f751b34e67069faa31009cc30887ca088,non-os,VULNDB-279567,https://app.au1.sysdig.com/secure//#/scanning/vulnerabilities/VULNDB-279567,log4j-1.2.12,cpe:/a:-:log4j:1.2.12:-:-,log4j,/root/.m2/repository/log4j/log4j/1.2.12/log4j-1.2.12.jar,java,High,2.0,1643321173,1642377600,1464566400
docker.io/nestorsalceda/example-voting-app-worker,73666529d5ee968a3f85073a771db84f751b34e67069faa31009cc30887ca088,non-os,VULNDB-276252,https://app.au1.sysdig.com/secure//#/scanning/vulnerabilities/VULNDB-276252,log4j-1.2.12,cpe:/a:-:log4j:1.2.12:-:-,log4j,/root/.m2/repository/log4j/log4j/1.2.12/log4j-1.2.12.jar,java,Medium,2.0 2.16.0,1643321173,1639180800,1639353600
docker.io/nestorsalceda/example-voting-app-worker,73666529d5ee968a3f85073a771db84f751b34e67069faa31009cc30887ca088,non-os,CVE-2020-9488,https://nvd.nist.gov/vuln/detail/CVE-2020-9488,log4j-1.2.12,cpe:/a:-:log4j:1.2.12:-:-,log4j,/root/.m2/repository/log4j/log4j/1.2.12/log4j-1.2.12.jar,java,Low,None,1643321173,1587772800,0
[
{
"fullTag": "docker.io/nestorsalceda/example-voting-app-worker",
"imageID": "73666529d5ee968a3f85073a771db84f751b34e67069faa31009cc30887ca088",
"vtype": "non-os",
"vuln": "VULNDB-259358",
"vulnURL": "https://app.au1.sysdig.com/secure//#/scanning/vulnerabilities/VULNDB-259358",
"package": "log4j-1.2.12",
"packageCPE": "cpe:/a:-:log4j:1.2.12:-:-",
"packageName": "log4j",
"packagePath": "/root/.m2/repository/log4j/log4j/1.2.12/log4j-1.2.12.jar",
"packageType": "java",
"severity": "Critical",
"fixVersion": "2.0-alpha1",
"lastEvaluated": 1643321173,
"disclosureDate": 1623715200,
"solutionDate": 1623715200
},
{
"fullTag": "docker.io/nestorsalceda/example-voting-app-worker",
"imageID": "73666529d5ee968a3f85073a771db84f751b34e67069faa31009cc30887ca088",
"vtype": "non-os",
"vuln": "VULNDB-220038",
"vulnURL": "https://app.au1.sysdig.com/secure//#/scanning/vulnerabilities/VULNDB-220038",
"package": "log4j-1.2.12",
"packageCPE": "cpe:/a:-:log4j:1.2.12:-:-",
"packageName": "log4j",
"packagePath": "/root/.m2/repository/log4j/log4j/1.2.12/log4j-1.2.12.jar",
"packageType": "java",
"severity": "Critical",
"fixVersion": "2.8.2",
"lastEvaluated": 1643321173,
"disclosureDate": 1576627200,
"solutionDate": 1491350400
},
{
"fullTag": "docker.io/nestorsalceda/example-voting-app-worker",
"imageID": "73666529d5ee968a3f85073a771db84f751b34e67069faa31009cc30887ca088",
"vtype": "non-os",
"vuln": "VULNDB-279568",
"vulnURL": "https://app.au1.sysdig.com/secure//#/scanning/vulnerabilities/VULNDB-279568",
"package": "log4j-1.2.12",
"packageCPE": "cpe:/a:-:log4j:1.2.12:-:-",
"packageName": "log4j",
"packagePath": "/root/.m2/repository/log4j/log4j/1.2.12/log4j-1.2.12.jar",
"packageType": "java",
"severity": "High",
"fixVersion": "2.0",
"lastEvaluated": 1643321173,
"disclosureDate": 1642377600,
"solutionDate": 1464566400
},
{
"fullTag": "docker.io/nestorsalceda/example-voting-app-worker",
"imageID": "73666529d5ee968a3f85073a771db84f751b34e67069faa31009cc30887ca088",
"vtype": "non-os",
"vuln": "VULNDB-279567",
"vulnURL": "https://app.au1.sysdig.com/secure//#/scanning/vulnerabilities/VULNDB-279567",
"package": "log4j-1.2.12",
"packageCPE": "cpe:/a:-:log4j:1.2.12:-:-",
"packageName": "log4j",
"packagePath": "/root/.m2/repository/log4j/log4j/1.2.12/log4j-1.2.12.jar",
"packageType": "java",
"severity": "High",
"fixVersion": "2.0",
"lastEvaluated": 1643321173,
"disclosureDate": 1642377600,
"solutionDate": 1464566400
},
{
"fullTag": "docker.io/nestorsalceda/example-voting-app-worker",
"imageID": "73666529d5ee968a3f85073a771db84f751b34e67069faa31009cc30887ca088",
"vtype": "non-os",
"vuln": "VULNDB-276252",
"vulnURL": "https://app.au1.sysdig.com/secure//#/scanning/vulnerabilities/VULNDB-276252",
"package": "log4j-1.2.12",
"packageCPE": "cpe:/a:-:log4j:1.2.12:-:-",
"packageName": "log4j",
"packagePath": "/root/.m2/repository/log4j/log4j/1.2.12/log4j-1.2.12.jar",
"packageType": "java",
"severity": "Medium",
"fixVersion": "2.0 2.16.0",
"lastEvaluated": 1643321173,
"disclosureDate": 1639180800,
"solutionDate": 1639353600
},
{
"fullTag": "docker.io/nestorsalceda/example-voting-app-worker",
"imageID": "73666529d5ee968a3f85073a771db84f751b34e67069faa31009cc30887ca088",
"vtype": "non-os",
"vuln": "CVE-2020-9488",
"vulnURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-9488",
"package": "log4j-1.2.12",
"packageCPE": "cpe:/a:-:log4j:1.2.12:-:-",
"packageName": "log4j",
"packagePath": "/root/.m2/repository/log4j/log4j/1.2.12/log4j-1.2.12.jar",
"packageType": "java",
"severity": "Low",
"fixVersion": "None",
"lastEvaluated": 1643321173,
"disclosureDate": 1587772800,
"solutionDate": "0"
}
]