1ffee6484d
Fixes #1199
201 lines
9.4 KiB
HTML
201 lines
9.4 KiB
HTML
<div class="image-vulnerability-view-element">
|
|
<!-- Not scanned -->
|
|
<div class="empty" ng-if="securityStatus == 'queued'">
|
|
<div class="empty-primary-msg">This image has not been indexed yet</div>
|
|
<div class="empty-secondary-msg">
|
|
Please try again in a few minutes.
|
|
</div>
|
|
</div>
|
|
|
|
<!-- Unable to scan -->
|
|
<div class="empty" ng-if="securityStatus == 'failed'">
|
|
<div class="empty-primary-msg">This image could not be indexed</div>
|
|
<div class="empty-secondary-msg">
|
|
Quay security scanner was unable to index this image.
|
|
</div>
|
|
</div>
|
|
|
|
<!-- Scanned and has no features -->
|
|
<div ng-if="securityStatus == 'scanned' && !vulnerabilitiesInfo.features.length">
|
|
<div class="empty" style="margin-top: 20px;">
|
|
<div class="empty-icon">
|
|
<i class="fa fa-bug"></i>
|
|
</div>
|
|
<div class="empty-primary-msg">Image is not supported by Quay Security Scanner</div>
|
|
<div class="empty-secondary-msg">
|
|
This image has an operating system or package manager unsupported by Quay Security Scanner.
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<!-- Scanned and has features -->
|
|
<div ng-if="securityStatus == 'scanned' && vulnerabilitiesInfo.features.length">
|
|
<!-- Header -->
|
|
<div class="security-header">
|
|
<div class="donut-col">
|
|
<div id="vulnDonutChart" style="position: relative;">
|
|
<svg style="height:250px; width:250px"></svg>
|
|
<span class="donut-icon">
|
|
<i class="fa fa-bug"></i>
|
|
</span>
|
|
</div>
|
|
</div>
|
|
<div class="summary-col">
|
|
<ul class="summary-list" ng-if="vulnerabilitiesInfo.severityBreakdown.length">
|
|
<li class="title-item">Quay Security Scanner has detected <strong>{{ vulnerabilitiesInfo.vulnerabilities.length }}</strong> vulnerabilities.</li>
|
|
<li class="subtitle-item" ng-if="vulnerabilitiesInfo.fixable.length">
|
|
Patches are available for <strong>{{ vulnerabilitiesInfo.fixable.length }}</strong> vulnerabilities.
|
|
</li>
|
|
|
|
<li style="margin-bottom: 30px"></li>
|
|
|
|
<li class="severity-item" ng-repeat="severity in vulnerabilitiesInfo.severityBreakdown">
|
|
<i class="fa fa-exclamation-triangle" ng-style="{'color': severity.color}"></i> <strong>{{ severity.value }}</strong> {{ severity.label }}-level vulnerabilities.
|
|
</li>
|
|
</ul>
|
|
|
|
<div ng-if="!vulnerabilitiesInfo.severityBreakdown.length">
|
|
Quay Security Scanner has detected no vulnerabilities in this image.
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<!-- Filter -->
|
|
<span class="co-filter-box with-options" ng-show="vulnerabilitiesInfo.vulnerabilities.length">
|
|
<span class="filter-message" ng-if="options.filter || options.fixableVulns">
|
|
Showing {{ orderedVulnerabilities.entries.length }} of {{ vulnerabilitiesInfo.vulnerabilities.length }} Vulnerabilities
|
|
</span>
|
|
<input class="form-control" type="text" ng-model="options.filter" placeholder="Filter Vulnerabilities...">
|
|
<div class="filter-options">
|
|
<label><input type="checkbox" ng-model="options.fixableVulns">Only show fixable</label>
|
|
</div>
|
|
</span>
|
|
<h3>Image Vulnerabilities</h3>
|
|
|
|
<!-- Table -->
|
|
<div class="empty" ng-if="!vulnerabilitiesInfo.vulnerabilities.length"
|
|
style="margin-top: 20px;">
|
|
<div class="empty-primary-msg">No vulnerabilities found.</div>
|
|
<div class="empty-secondary-msg">Quay Security Scanner has detected no vulnerabilities in this image.</div>
|
|
</div>
|
|
|
|
<table class="co-table" ng-show="vulnerabilitiesInfo.vulnerabilities.length">
|
|
<thead>
|
|
<td class="caret-col"></td>
|
|
<td ng-class="TableService.tablePredicateClass('name', options.predicate, options.reverse)">
|
|
<a ng-click="TableService.orderBy('name', options)">CVE</a>
|
|
</td>
|
|
<td ng-class="TableService.tablePredicateClass('score', options.predicate, options.reverse)">
|
|
<a ng-click="TableService.orderBy('score', options)">Severity</a>
|
|
</td>
|
|
<td class="hidden-xs" ng-class="TableService.tablePredicateClass('featureName', options.predicate, options.reverse)">
|
|
<a ng-click="TableService.orderBy('featureName', options)">Package</a>
|
|
</td>
|
|
<td class="hidden-xs">Current version</td>
|
|
<td class="hidden-xs hidden-sm">Fixed in version</td>
|
|
</td>
|
|
<td class="hidden-xs hidden-sm hidden-md">Introduced in image</td>
|
|
<td class="hidden-xs options-col"></td>
|
|
</thead>
|
|
<tbody ng-repeat="vuln in orderedVulnerabilities.visibleEntries" bindonce>
|
|
<tr ng-class="vuln.severityInfo.index == 0 ? 'defcon1' : ''">
|
|
<td class="caret-col">
|
|
<span ng-click="toggleDetails(vuln)">
|
|
<i class="fa"
|
|
ng-class="vuln.expanded ? 'fa-caret-down' : 'fa-caret-right'"
|
|
data-title="View Details" bs-tooltip></i>
|
|
</span>
|
|
</td>
|
|
<td class="single-col nowrap-col">
|
|
<a bo-text="vuln.name" ng-click="toggleDetails(vuln)" class="expand-link"></a>
|
|
<a href="{{ vuln.link }}" class="external-link hidden-xs hidden-sm hidden-md" target="_blank">
|
|
<i class="fa fa-link"></i>
|
|
</a>
|
|
</td>
|
|
<td class="single-col nowrap-col">
|
|
<span bo-if="vuln.cvssScore && !vuln.scoreDivergence">
|
|
<span class="cvss-text" bo-text="vuln.cvssScore"></span>
|
|
<span class="cvss"><span bo-style="{'width': (vuln.cvssScore * 10) + '%', 'background-color': vuln.cvssColor}"></span>
|
|
</span>
|
|
</span>
|
|
<span bo-if="!vuln.cvssScore || vuln.scoreDivergence" data-title="{{ getSeverityTooltip(vuln) }}" data-container="body" bs-tooltip>
|
|
<span class="vulnerability-priority-view" priority="vuln.severity"></span>
|
|
<span class="asterisk" ng-if="vuln.scoreDivergence == 'adjusted-lower'" ng-style="{'color': vuln.severityInfo.color}">
|
|
<i class="fa fa-asterisk"></i>
|
|
</span>
|
|
</span>
|
|
</td>
|
|
<td class="single-col hidden-xs"><span bo-text="vuln.featureName"></span></td>
|
|
<td class="single-col hidden-xs hidden-sm">
|
|
<span bo-text="vuln.introducedInVersion"></span>
|
|
</td>
|
|
<td class="single-col hidden-xs">
|
|
<span class="empty" bo-if="!vuln.fixedInVersion">(None)</span>
|
|
<span class="fixed-in-version" bo-if="vuln.fixedInVersion" bo-text="vuln.fixedInVersion"></span>
|
|
</td>
|
|
<td class="double-col image-col hidden-xs hidden-sm hidden-md">
|
|
<span bo-if="vuln.imageCommand">
|
|
<span data-title="{{ vuln.imageCommand }}" data-container="body" bs-tooltip>
|
|
<span class="dockerfile-command" command="vuln.imageCommand"></span>
|
|
</span>
|
|
<a href="/repository/{{ repository.namespace }}/{{ repository.name }}/image/{{ vuln.imageId }}"><i class="fa fa-archive"></i></a>
|
|
</span>
|
|
<span bo-if="!vuln.imageCommand">
|
|
<span class="image-link" repository="repository" image-id="vuln.imageId"></span>
|
|
</span>
|
|
</td>
|
|
<td></td>
|
|
</tr>
|
|
<tr ng-if="vuln.expanded">
|
|
<td class="expansion-col" colspan="8">
|
|
<div class="visible-xs" style="margin-bottom: 20px">
|
|
<div class="subtitle">Summary</div>
|
|
<table>
|
|
<tr><td>Package:</td><td><span bo-text="vuln.featureName"></span></td></tr>
|
|
<tr>
|
|
<td>Introduced in version:</td>
|
|
<td>
|
|
<span bo-text="vuln.introducedInVersion"></span>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td>Fixed in version:</td>
|
|
<td>
|
|
<span class="empty" bo-if="!vuln.fixedInVersion">(None)</span>
|
|
<span class="fixed-in-version" bo-if="vuln.fixedInVersion" bo-text="vuln.fixedInVersion"></span>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td>Introduced in Image:</td>
|
|
<td><span class="image-link" repository="repository" image-id="vuln.imageId"></span></td>
|
|
</tr>
|
|
</table>
|
|
</div>
|
|
|
|
<div class="severity-note" bo-if="vuln.scoreDivergence">
|
|
<div class="subtitle">Severity note</div>
|
|
<span class="description">
|
|
Note that this vulnerability was originally given a CVSSv2 score of <strong bo-text="vuln.cvssScore"></strong> by NVD but was subsequently reclassified as
|
|
<span class="vulnerability-priority-view" priority="vuln.severity"></span>
|
|
by <span bo-text="getDistro(vuln)"></span>
|
|
</span>
|
|
</div>
|
|
|
|
<div class="vectors" bo-if="vuln.metadata.NVD.CVSSv2.Vectors">
|
|
<div class="subtitle">Vectors</div>
|
|
<div class="nvd-vectors-display" vectors="{{ vuln.metadata.NVD.CVSSv2.Vectors }}"></div>
|
|
</div>
|
|
|
|
<div class="subtitle">Description</div>
|
|
<span class="description" bo-text="vuln.description"></span>
|
|
</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
<div class="empty" ng-if="vulnerabilitiesInfo.vulnerabilities.length && !orderedVulnerabilities.entries.length"
|
|
style="margin-top: 20px;">
|
|
<div class="empty-primary-msg">No matching vulnerabilities found.</div>
|
|
<div class="empty-secondary-msg">Try expanding your filtering terms.</div>
|
|
</div>
|
|
</div>
|
|
</div>
|