Container images with multiple Critical and High sevirity vulnerabilities increase the risk of potential exploit. This control lists all such images according to the threashold provided by the customer.Note, this control is configurable. See below the details.
This control enumerates workloads and checks if they have excessive amount of vulnerabilities in their container images. The threshold of “excessive number” is configurable.
Update your workload images as soon as possible when fixes become available.
This control can be configured using the following parameters. Read CLI/UI documentation about how to change parameters.
The maximum number of Critical severity vulnerabilities permitted.
The maximum number of High severity vulnerabilities permitted.
Updated 6 days ago