Container Vulnerability Reports
Container Vulnerability Reports lists unique container images that have vulnerabilities in the selected namespace. You can open each report to see scan metadata and the full list of CVEs. This page is reachable from Security > Container Scanning > Vulnerability Reports or by clicking the Vulnerability Reports block on the Container Scanning Overview page.
Reports Listβ
The page shows a short description such as Unique container images with vulnerabilities in namespace <namespace>. At the top right you can change the Namespace to filter by namespace.
Tableβ
Use the Columns control (e.g. "Columns 9") to choose which columns are visible. The table includes:
| Column | Description |
|---|---|
| Image | Container image (e.g. library/nginx:latest). Rows can be expanded (arrow) for more detail. |
| Namespace | Namespace where the image is used. |
| Resources | Number of resources using this image (e.g. "1 resource"); the value is clickable and leads to the report details. |
| Critical | Count of critical vulnerabilities. |
| High | Count of high-severity vulnerabilities. |
| Medium | Count of medium-severity. |
| Low | Count of low-severity. |
| Total | Total vulnerability count. |
| Last Scan | Date and time of the last scan. |
Pagination at the bottom (e.g. "Rows per page 25", "1β1 of 1") lets you move through the list. Click a row or the Resources link to open Report Details for that image.
Report Detailsβ
When you open a report, the breadcrumbs show Security > Container Scanning > Vulnerability Reports > Report Details.
At the top you see:
- Severity summary β Badges with counts: Critical, High, Medium, Low, Unknown (e.g. "0 Critical", "5 High").
- Container block β Image name (e.g.
index.docker.io/library/nginx:latest), Container name, Resource (e.g. ReplicaSet/webserver-bc6dbb848), Namespace, and base OS (e.g. debian 13.3).
Two tabs are available: Overview and Vulnerabilities (with the total count, e.g. "Vulnerabilities 5").
Overview Tabβ
The Overview tab shows structured information:
- Scan Information β Scanner (e.g. Trivy), Scanner Version (e.g. 0.66.0), Vendor (e.g. Aqua Security), Last Scan (date and time).
- Image Information β Registry (e.g. index.docker.io), Repository (e.g. library/nginx), Tag (e.g. latest), Digest (truncated hash).
- Operating System β Family and Version of the base image (e.g. debian 13.3).
- Resource Information β Namespace, Resource Kind (e.g. ReplicaSet), Resource Name, Container name.
Use this to understand how and when the image was scanned and where it runs.
Vulnerabilities Tabβ
The Vulnerabilities tab lists all findings for this image. The table has:
| Column | Description |
|---|---|
| CVE ID | CVE identifier (e.g. CVE-2026-0861, CVE-2026-22695). Each CVE ID is a link that opens the vulnerability details in the Aqua Vulnerability Database (e.g. https://avd.aquasec.com/nvd/2026/cve-2026-0861/), where you can read description, CVSS, affected software, and mitigations. |
| Severity | Severity level (e.g. High), often with a colored tag. |
| Resource | Affected package or component. |
| Installed Version | Version currently in the image. |
| Fixed Version | Version that fixes the issue (may be empty if no fix is known). |
| Score | Severity score (e.g. 8.1, 7.1). |
| Title | Short description of the vulnerability. |
Use Columns (e.g. "Columns 7") to customize the table. Pagination (e.g. "Rows per page: 25", "1β5 of 5") lets you move through the list when there are many vulnerabilities.