quay/static/directives/manifest-vulnerability-view.html

<div class="manifest-vulnerability-view-element">
  <!-- Unable to load -->
  <div class="empty" ng-if="securityStatus == 'error'">
    <div class="empty-icon">
      <i class="fa fa-times-circle"></i>
    </div>
    <div class="empty-primary-msg">Could not load security scan information</div>
    <div class="empty-secondary-msg">
      Please try again in a few minutes. If this problem persists, please contact support.
    </div>
  </div>

  <!-- Not scanned -->
  <div class="empty" ng-if="securityStatus == 'queued'">
    <div class="empty-icon">
      <i class="fa fa-ellipsis-h"></i>
    </div>
    <div class="empty-primary-msg">This manifest has not been indexed yet</div>
    <div class="empty-secondary-msg">
      Please try again in a few minutes.
    </div>
  </div>

  <!-- Unable to scan -->
  <div class="empty" ng-if="securityStatus == 'failed'">
    <div class="empty-icon">
      <i class="fa fa-times-circle"></i>
    </div>
    <div class="empty-primary-msg">This manifest could not be indexed</div>
    <div class="empty-secondary-msg">
      Quay security scanner was unable to index this manifest.
    </div>
  </div>

  <!-- Scanned and has no features -->
  <div ng-if="securityStatus == 'scanned' && !vulnerabilitiesInfo.features.length">
    <div class="empty">
      <div class="empty-icon">
        <i class="fa fa-bug"></i>
      </div>
      <div class="empty-primary-msg">Manifest is not supported by Quay Security Scanner</div>
      <div class="empty-secondary-msg">
        This manifest has an operating system or package manager unsupported by Quay Security Scanner.
      </div>
    </div>
  </div>

  <!-- Scanned and has features -->
  <div ng-if="securityStatus == 'scanned' && vulnerabilitiesInfo.features.length">
    <!-- Header -->
    <div class="security-header">
      <div class="donut-col">
        <div id="vulnDonutChart" style="position: relative;">
          <svg style="height:250px; width:250px"></svg>
          <span class="donut-icon">
            <i class="fa fa-bug"></i>
          </span>
        </div>
      </div>
      <div class="summary-col">
        <ul class="summary-list" ng-if="vulnerabilitiesInfo.severityBreakdown.length">
          <li class="title-item">Quay Security Scanner has detected <strong>{{ vulnerabilitiesInfo.vulnerabilities.length }}</strong> vulnerabilities.</li>
          <li class="subtitle-item" ng-if="vulnerabilitiesInfo.fixable.length">
            Patches are available for <strong>{{ vulnerabilitiesInfo.fixable.length }}</strong> vulnerabilities.
          </li>

          <li style="margin-bottom: 30px"></li>

          <li class="severity-item" ng-repeat="severity in vulnerabilitiesInfo.severityBreakdown">
            <i class="fa fa-exclamation-triangle" ng-style="{'color': severity.color}"></i> <strong>{{ severity.value }}</strong> {{ severity.label }}-level vulnerabilities.
          </li>
        </ul>

        <div ng-if="!vulnerabilitiesInfo.severityBreakdown.length">
          Quay Security Scanner has detected no vulnerabilities in this manifest.
        </div>
      </div>
    </div>

    <!-- Filter -->
    <span class="co-filter-box with-options" ng-show="vulnerabilitiesInfo.vulnerabilities.length">
      <span class="filter-message" ng-if="options.filter || options.fixableVulns">
        Showing {{ orderedVulnerabilities.entries.length }} of {{ vulnerabilitiesInfo.vulnerabilities.length }} Vulnerabilities
      </span>
      <input class="form-control" type="text" ng-model="options.filter" placeholder="Filter Vulnerabilities...">
      <div class="filter-options">
        <label><input type="checkbox" ng-model="options.fixableVulns">Only show fixable</label>
      </div>
    </span>
    <h3>Vulnerabilities</h3>

    <!-- Table -->
    <div class="empty" ng-if="!vulnerabilitiesInfo.vulnerabilities.length"
          style="margin-top: 20px;">
      <div class="empty-primary-msg">No vulnerabilities found.</div>
      <div class="empty-secondary-msg">Quay Security Scanner has detected no vulnerabilities in this manifest.</div>
    </div>

    <table class="co-table" ng-show="vulnerabilitiesInfo.vulnerabilities.length">
     <thead>
      <td class="caret-col"></td>
      <td ng-class="TableService.tablePredicateClass('name', options.predicate, options.reverse)">
        <a ng-click="TableService.orderBy('name', options)">CVE</a>
      </td>
      <td ng-class="TableService.tablePredicateClass('score', options.predicate, options.reverse)">
        <a ng-click="TableService.orderBy('score', options)">Severity</a>
      </td>
      <td class="hidden-xs" ng-class="TableService.tablePredicateClass('featureName', options.predicate, options.reverse)">
        <a ng-click="TableService.orderBy('featureName', options)">Package</a>
      </td>
      <td class="hidden-xs">Current version</td>
      <td class="hidden-xs hidden-sm">Fixed in version</td>
      </td>
      <td class="hidden-xs hidden-sm hidden-md">Introduced in layer</td>
      <td class="hidden-xs options-col"></td>
     </thead>
     <tbody ng-repeat="vuln in orderedVulnerabilities.visibleEntries" bindonce>
       <tr ng-class="vuln.severityInfo.index == 0 ? 'defcon1' : ''">
        <td class="caret-col">
          <span ng-click="toggleDetails(vuln)">
            <i class="fa"
               ng-class="vuln.expanded ? 'fa-caret-down' : 'fa-caret-right'"
               data-title="View Details" bs-tooltip></i>
          </span>
         </td>
         <td class="single-col nowrap-col">
            <a bo-text="vuln.name" ng-click="toggleDetails(vuln)" class="expand-link"></a>
            <a href="{{ vuln.link }}" class="external-link hidden-xs hidden-sm hidden-md" ng-safenewtab>
              <i class="fa fa-link"></i>
            </a>
         </td>
         <td class="single-col nowrap-col">
           <span bo-if="vuln.cvssScore && !vuln.scoreDivergence">
              <span class="cvss-text" bo-text="vuln.cvssScore"></span>
              <span class="cvss"><span bo-style="{'width': (vuln.cvssScore * 10) + '%', 'background-color': vuln.cvssColor}"></span>
              </span>
           </span>
           <span bo-if="!vuln.cvssScore || vuln.scoreDivergence" data-title="{{ getSeverityTooltip(vuln) }}" data-container="body" bs-tooltip>
              <span class="vulnerability-priority-view" priority="vuln.severity"></span>
              <span class="asterisk" ng-if="vuln.scoreDivergence == 'adjusted-lower'" ng-style="{'color': vuln.severityInfo.color}">
                <i class="fa fa-asterisk"></i>
              </span>
           </span>
         </td>
         <td class="single-col hidden-xs"><span bo-text="vuln.featureName"></span></td>
         <td class="single-col hidden-xs hidden-sm">
           <span bo-text="vuln.introducedInVersion"></span>
         </td>
         <td class="single-col hidden-xs">
            <span class="empty" bo-if="!vuln.fixedInVersion">(None)</span>
            <span class="fixed-in-version" bo-if="vuln.fixedInVersion" bo-text="vuln.fixedInVersion"></span>
         </td>
         <td class="double-col image-col hidden-xs hidden-sm hidden-md">
            <span bo-if="vuln.imageCommand">
              <image-command command="feature.imageCommand"></image-command>
            </span>
            <span bo-if="!vuln.imageCommand">(No Command)</span>
         </td>
         <td></td>
        </tr>
        <tr ng-if="vuln.expanded">
          <td class="expansion-col" colspan="8">
            <div class="visible-xs" style="margin-bottom: 20px">
              <div class="subtitle">Summary</div>
              <table>
                <tr><td>Package:</td><td><span bo-text="vuln.featureName"></span></td></tr>
                <tr>
                  <td>Introduced in version:</td>
                  <td>
                    <span bo-text="vuln.introducedInVersion"></span>
                  </td>
                </tr>
                <tr>
                  <td>Fixed in version:</td>
                  <td>
                    <span class="empty" bo-if="!vuln.fixedInVersion">(None)</span>
                    <span class="fixed-in-version" bo-if="vuln.fixedInVersion" bo-text="vuln.fixedInVersion"></span>
                  </td>
                </tr>
                <tr>
                  <td>Introduced in Layer:</td>
                  <td>{{ ::vuln.imageId }}</td>
                </tr>
              </table>
            </div>

            <div class="severity-note" bo-if="vuln.scoreDivergence">
              <div class="subtitle">Severity note</div>
              <span class="description">
                Note that this vulnerability was originally given a CVSSv2 score of <strong bo-text="vuln.cvssScore"></strong> by NVD but was subsequently reclassified as
                <span class="vulnerability-priority-view" priority="vuln.severity"></span>
                by <span bo-text="getDistro(vuln)"></span>
              </span>
            </div>

            <div class="vectors" bo-if="vuln.metadata.NVD.CVSSv2.Vectors">
              <div class="subtitle">Vectors</div>
              <div class="nvd-vectors-display" vectors="{{ vuln.metadata.NVD.CVSSv2.Vectors }}"></div>
            </div>

            <div class="subtitle">Description</div>
            <span class="description" bo-text="vuln.description"></span>
          </td>
        </tr>
      </tbody>
    </table>
   <div class="empty" ng-if="vulnerabilitiesInfo.vulnerabilities.length && !orderedVulnerabilities.entries.length"
        style="margin-top: 20px;">
    <div class="empty-primary-msg">No matching vulnerabilities found.</div>
    <div class="empty-secondary-msg">Try expanding your filtering terms.</div>
   </div>
 </div>
</div>