Get a list of the top vulnerabilities graded by an internal Armo algorithm
POST /api/v1/vulnerability/topVulnerabilities
Returns a list of the top vulnerabilities, graded by an internal Armo algorithm.
Query params
customerGUID - required
Request object
Standard request body for pagination APIs
Response object
Standard response body for pagination APIs
Response result entry example
{
  "name": "CVE-2022-23218",
  "imageHash": "",
  "imageTag": "",
  "packageName": "glibc",
  "packageVersion": "2.28-151.el8",
  "link": "https://nvd.nist.gov/vuln/detail/CVE-2022-23218",
  "description": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.",
  "severity": "Medium",
  "severityScore": 300,
  "metadata": "None",
  "fixedIn": [
    {
      "name": "not-fixed",
      "imageTag": "quay.io/armosec/k8s-ca-vuln-scan-ubi@sha256:263a37d1a2a606164e5ec6e18ea53d5caa5cfd394d0b0388c079aa4d305684b7",
      "version": ""
    }
  ],
  "relevant": "No signature profile to compare",
  "urgent": 0,
  "neglected": 0,
  "healthStatus": "",
  "categories": {
    "isRce": true
  },
  "workloadsCount": 5,
  "severityOverall": 1700
}
This is part of the regular Vulnerability item, with the addition of the workloadsCount and severityOverall fields.
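The following is an added example, not Armo's own code: a way to turn result entries shaped like the one above into a remediation queue, ordered by severityOverall and split by whether a fix exists. The sample entries are constructed, the function names are hypothetical, and it assumes that a fixedIn item named "not-fixed" or with an empty version means no fix is available.

```python
from typing import Any

# Constructed sample entries shaped like the response entry above (not real scan data;
# the CVE-0000-* identifiers and their values are placeholders).
SAMPLE_ENTRIES: list[dict[str, Any]] = [
    {"name": "CVE-0000-0001", "packageName": "examplelib", "packageVersion": "1.0.0",
     "fixedIn": [{"name": "examplelib", "imageTag": "", "version": "1.0.1"}],
     "categories": {"isRce": False}, "workloadsCount": 2, "severityOverall": 900},
    {"name": "CVE-2022-23218", "packageName": "glibc", "packageVersion": "2.28-151.el8",
     "fixedIn": [{"name": "not-fixed", "imageTag": "", "version": ""}],
     "categories": {"isRce": True}, "workloadsCount": 5, "severityOverall": 1700},
    # Entry with missing optional fields, to show the defaults below.
    {"name": "CVE-0000-0002", "packageName": "otherlib", "packageVersion": "3.2",
     "fixedIn": [], "workloadsCount": 1, "severityOverall": 100},
]


def has_fix(entry: dict[str, Any]) -> bool:
    """Assumption: 'not-fixed' or an empty version in fixedIn means no fix exists."""
    return any(f.get("name") != "not-fixed" and f.get("version")
               for f in entry.get("fixedIn") or [])


def triage(entries: list[dict[str, Any]]) -> list[dict[str, Any]]:
    """Flatten entries to the fields needed for triage, highest severityOverall first."""
    rows = [{
        "cve": e.get("name", ""),
        "package": f'{e.get("packageName", "")}@{e.get("packageVersion", "")}',
        "rce": bool((e.get("categories") or {}).get("isRce", False)),
        "fix_available": has_fix(e),
        "workloads": int(e.get("workloadsCount", 0)),
        "overall": int(e.get("severityOverall", 0)),
    } for e in entries]
    rows.sort(key=lambda r: (-r["overall"], -r["workloads"]))
    return rows


def split_by_fix(rows: list[dict[str, Any]]) -> tuple[list[str], list[str]]:
    """Return (CVEs to patch, CVEs needing a compensating control), order preserved."""
    patch = [r["cve"] for r in rows if r["fix_available"]]
    mitigate = [r["cve"] for r in rows if not r["fix_available"]]
    return patch, mitigate


if __name__ == "__main__":
    for row in triage(SAMPLE_ENTRIES):
        print(row)
```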