Cluster Vulnerability Reports
Cluster Vulnerability Reports under Security > Cluster Security > Vulnerability Reports list cluster-wide container image vulnerability reports. Unlike Container Vulnerability Reports (namespace-scoped), the scope is the whole cluster. You can open each report to see scan metadata and the full list of CVEs.
Reports Listβ
The page title is Cluster Vulnerability Reports, with a short description: Cluster-wide container image vulnerability reports. There is no namespace filter β the list covers all reported images at cluster level.
Tableβ
Use the Columns control (e.g. "Columns 9") to choose which columns are visible. The table includes:
| Column | Description |
|---|---|
| Image | Container image identifier (e.g. kubernetes.1.34.2-eks-b312614). |
| Critical | Count of critical vulnerabilities. |
| High | Count of high-severity vulnerabilities. |
| Medium | Count of medium-severity. |
| Low | Count of low-severity. |
| Unknown | Count of unknown-severity. |
| OS Family | Operating system family of the image (e.g. amazon). |
| Last Updated | Date and time when the report was last updated. |
Each row has an eye icon (or similar) at the end to open Report Details. Pagination at the bottom (e.g. "Rows per page: 25", "1β1 of 1") lets you move through the list.
Report Detailsβ
When you open a report, the breadcrumbs show Security > Cluster Security > Cluster Vulnerability Reports > Report Details.
At the top you see:
- Image identifier β Full image reference (e.g.
k8s.io/kubernetes:1.34.2-eks-b3126f4) with a shield icon. A No Vulnerabilities badge appears when no issues were found. - Context β Container name (e.g. k8s-cluster), Resource (e.g. ClusterSbomReport/55967dc54c), Scope: Cluster, and base OS (e.g. amazon 2023.8.20250908).
- Severity summary β Badges with counts: Critical, High, Medium, Low, Unknown (e.g. "0 Critical", "0 High").
Two tabs are available: Overview and Vulnerabilities (with the total count when there are findings).
Overview Tabβ
The Overview tab shows structured information:
- Scan Information β Scanner (e.g. Trivy), Scanner Version (e.g. 0.66.0), Vendor (e.g. Aqua Security), Last Scan (date and time).
- Image Information β Registry (e.g. k8s.io), Repository (e.g. kubernetes), Tag (e.g. 1.34.2-eks-b3126f4), Digest (if present).
- Operating System β Family and Version of the base image (e.g. amazon 2023.8.20250908).
- Resource Information β Scope (Cluster), Resource Kind (e.g. ClusterSbomReport), Resource Name, Container name.
Use this to understand how and when the image was scanned and which cluster resource it belongs to.
Vulnerabilities Tabβ
The Vulnerabilities tab lists all findings for this image. The table has:
| Column | Description |
|---|---|
| CVE ID | CVE identifier (e.g. CVE-2026-0861). Each CVE ID is a link that opens the vulnerability details in the Aqua Vulnerability Database (e.g. https://avd.aquasec.com/nvd/2026/cve-2026-0861/), where you can read description, CVSS, affected software, and mitigations. |
| Severity | Severity level (e.g. High), often with a colored tag. |
| Resource | Affected package or component. |
| Installed Version | Version currently in the image. |
| Fixed Version | Version that fixes the issue (may be empty if no fix is known). |
| Score | Severity score (e.g. 8.1). |
| Title | Short description of the vulnerability. |
Use Columns (e.g. "Columns 7") to customize the table. Pagination (e.g. "Rows per page: 25") lets you move through the list when there are many vulnerabilities. If the image has no known vulnerabilities, the tab shows an empty state: No vulnerabilities found and a short message such as This container image has no known vulnerabilities, with "0 of 0" in the pagination.