Fetch Image Details
Shows details of an image.
Input ParametersInput Parameters
|
Parameter |
Mandatory/Optional |
Data Type |
Description |
|---|---|---|---|
|
imageSha |
Mandatory |
string |
Specify the SHA value of a specific image in the user’s scope. |
| scanDetails | Optional | string |
Specify the following values:
You can specify multiple values separated by comma. |
SampleSample
API request
curl -X GET
"<qualys_base_url>/csapi/v1.3/images/c64844065dcbc3d0a90c365c1f56421766a5cebf05f7ecbd3377af410fff09fd?scanDetails=malware%2Csecrets"
-H "Authorization: Bearer <token>"
Response
{
"created": "1603477517000",
"updated": "1605017537578",
"lastUsedDate;: "1716251515814",
"author": "Couchbase Docker Team <docker@couchbase.com>",
"repo": [
{
"registry": "docker.io",
"tag": "latest",
"repository": "couchbase"
}
],
"repoDigests": [
{
"registry": "docker.io",
"digest": "1d811b3c382893f70f0cc0f2371a12d3671c1d5175bcc67e8c2a5c0bf4c8f976",
"repository": "couchbase"
}
],
"label": null,
"uuid": "5d48f83b-cddb-33ac-8fad-e8452dd116b1",
"sha": "c64844065dcbc3d0a90c365c1f56421766a5cebf05f7ecbd3377af410fff09fd",
"operatingSystem": "Ubuntu Linux 16.04.7",
"customerUuid": "192cc974-1e44-cb6c-806e-f78f6441cb0d",
"dockerVersion": "18.09.7",
"size": 1183790011,
"layers": [
{
"size": "130553983",
"createdBy": "ADD file:c1f3147c7b6710af5affd417ff822ee28df872d716003858d3d2e23d2277c981 in / ",
"created": "1603474388000",
"comment": "",
"id": null,
"sha": null,
"tags": null
},
{
"size": "0",
"createdBy": "rm -rf /var/lib/apt/lists/*",
"created": "1603474389000",
"comment": "",
"id": null,
"sha": null,
"tags": null
},
{
"size": "1930",
"createdBy": "COPY file:d816a67f62bfba76d2812cefbe92252afa13f3852775c3e68599df7741e90cb7 in / ",
"created": "1603477517000",
"comment": "",
"id": null,
"sha": null,
"tags": null
}
],
"host": [
{
"sensorUuid": "fed79006-2fa9-4b67-8f5a-272b4e02f084",
"hostname": "host.qualys.com",
"ipAddress": "10.**.2*.*0",
"uuid": "6ba5be85-2758-4f44-814a-b690c9ed23ee",
"lastUpdated": "2020-11-10T14:10:29.218Z"
}
],
"architecture": "amd64",
"imageId": "c64844065dcb",
"lastVmScanDate": "1605017537578",
"registryUuid": null,
"source": [
"GENERAL"
],
"totalVulCount": "0",
"users": [
"root"
],
"isDockerHubOfficial": null,
"isInstrumented": null,
"instrumentedFrom": null,
"instrumentationState": null,
"scanType": "DYNAMIC",
"scanTypes": [
"DYNAMIC"
],
"scanErrorCode": null,
"scanStatus": "SUCCESS",
"lastFoundOnHost": {
"sensorUuid": "fed79006-2fa9-4b67-8f5a-272b4e02f084",
"hostname": "host.qualys.com",
"ipAddress": "10.**.2*.*0",
"uuid": "6ba5be85-2758-4f44-814a-b690c9ed23ee",
"lastUpdated": "2020-11-10T14:10:29.218Z"
},
"lastScannedBySensor": "fde436ad-3686-46f9-a2e5-9f7523668d34",
"scanErrorMessage": "Static: Package manager not found",
"malware": {
"imageMalwareCount": 1,
"malwarePrediction": {
"prediction": "malicious",
"score": 1,
"severity": 3,
"category": "dropper",
"family": "mirai"
}
},
"lastMalwareScanned": null,
"exceptions": [
"77116d5b-aaa0-4dba-a334-9fe6a6f0dd98"
],
"secrets": [
{
"severity": "LOW",
"filePath": "/root/foo/foo1.txt",
"layerSha": "7afaca6fd6f46466f2f23f51c647918c7818a431792547db3a7bc033d261a1e3",
"match": null,
"startLine": 0,
"secretType": "Easypost API Token"
},
{
"severity": "LOW",
"filePath": "/root/foo/foo1.txt",
"layerSha": "7afaca6fd6f46466f2f23f51c647918c7818a431792547db3a7bc033d261a1e3",
"match": null,
"startLine": 0,
"secretType": "Adobe Client ID (Oauth Web)"
},
{
"severity": "MEDIUM",
"filePath": "/root/foo/foo1.txt",
"layerSha": "7afaca6fd6f46466f2f23f51c647918c7818a431792547db3a7bc033d261a1e3",
"match": null,
"startLine": 0,
"secretType": "Asana Client Secret"
},
{
"severity": "CRITICAL",
"filePath": "/home/qatest/key/gcp-service-account.json",
"layerSha": "5bc804df91a229c1f26d254b5247c699c1e1a53673ec1d30e263e7b4bda96beb",
"match": null,
"startLine": 0,
"secretType": "Google (GCP) Service-account"
}
],
"lastSecretScanned": null,
"riskScore": null,
"riskScoreCalculatedDate": null,
"formulaUsed": null,
"maxQdsScore": null,
"qdsSeverity": null,
"criticality": 3,
"criticalityUpdated": 1717098843553,
"baseImage": null,
"childImagesCount": 0,
"sbomLayerProcessingTimestamp": null,
"baseImageProcessingTimestamp": null,
"softwares": [
{
"name": "libncursesw5:amd64",
"version": "6.0+20160213-1ubuntu1",
"fixVersion": null,
"vulnerabilities": null
},
{
"name": "libgpg-error0:amd64",
"version": "1.21-2ubuntu1",
"fixVersion": null,
"vulnerabilities": null
}
],
"vulnerabilities": [],
"lastComplianceScanned": "1603477517000"
}
Error Response
The following error response is seen when the sub-users don't have permission to the specified image.
{
"errorCode": "403 FORBIDDEN",
"message": "Request Forbidden",
"timestamp": 1700721586546
}
Sample for AWS FargateSample for AWS Fargate
The response shows a source value of “SERVERLESS_FARGATE” in this case.
API request
curl -X GET
"<qualys_base_url>/csapi/v1.3/images/85669404084756ad51914d98c460b5b83f45848b2ec9567f08b262170db264e4" --header "Authorization: Bearer <token>"
Response
{
"created": "1633506189000",
"updated": "1659422877918",
"author": "",
"repo": [
{
"registry": "362990800442.dkr.ecr.ca-central-1.amazonaws.com",
"tag": "jboss1.18",
"repository": "cs-sensor"
}
],
"repoDigests": [
{
"registry": "362990800442.dkr.ecr.ca-central-1.amazonaws.com",
"digest": "0d4bdc5749b80631a069957de99b0fa20201e38380ce90cc68786894231e429d",
"repository": "cs-sensor"
}
],
...
"hostArchitecture": [
"x86_64"
],
"architecture": "amd64",
"imageId": "856694040847",
"lastScanned": "1659422877918",
"registryUuid": null,
"source": [
"SERVERLESS_FARGATE"
],
"totalVulCount": "42",
"users": [
"root"
],
...
}
Error Response
The following error response is seen when the sub-users don't have permission to the specified image.
{
"errorCode": "403 FORBIDDEN",
"message": "Request Forbidden",
"timestamp": 1700721586546
}
Sample with SCA ScanningSample with SCA Scanning
This is applicable for subscriptions with SCA Scanning enabled and for images scanned using SCA.
API request
curl -X GET
"<qualys_base_url>/csapi/v1.3/images?pageNumber=1&pageSize=50&sort=created%3Adesc" --header "Authorization: Bearer <token>"
Response
{
"created": "1525522580000",
"updated": "1661479716359",
"sha": "0645d07d36305947d72a31282e2dd035f54fbeff6d9adb6701e9c72e75f675e8",
"repo": [
{
"registry": "docker.io",
"tag": "0.9.2",
"repository": "known"
}
],
"repoDigests": [
{
"registry": "docker.io",
"digest": "a3cfd95b4ff72c4f1f33aa98aae1d86b9ed1bfe050058fb46205540280e9937f",
"repository": "known"
}
],
"uuid": "38aa3900-f803-32a7-9806-39233e66b85c",
"size": 539069295,
"vulnerabilities": {
"severity5Count": 8,
"severity3Count": 54,
"severity4Count": 13,
"severity1Count": 1,
"severity2Count": 1
},
"imageId": "0645d07d3630",
"associatedContainersCount": 1,
"associatedHostsCount": 1,
"lastVmScanDate": "1661479716359",
"registryUuid": null,
"source": [
"GENERAL"
],
"isDockerHubOfficial": false,
"isInstrumented": false,
"instrumentedFrom": null,
"instrumentationState": null,
"scanType": null,
"scanTypes": [
"SCA",
"DYNAMIC"
],
"scanErrorCode": null,
"scanStatus": "SUCCESS",
"lastFoundOnHost": {
"sensorUuid": "2ed740ac-acba-47b5-8072-aaa739e44f0d",
"hostname": "ip-10-20-30-40",
"ipAddress": "10.20.30.40",
"uuid": "721e3460-bced-4ec0-b695-3c3349eefefb",
"lastUpdated": "2022-08-26T01:57:22.110Z"
},
"exceptions": [
"77116d5b-aaa0-4dba-a334-9fe6a6f0dd98"
],
"compliance": {
"failCount": 2,
"passCount": 0,
"errorCount": 0
},
"lastComplianceScanDate": "1661479044741"
}
Error Response
The following error response is seen when the sub-users don't have permission to the specified image.
{
"errorCode": "403 FORBIDDEN",
"message": "Request Forbidden",
"timestamp": 1700721586546
}