Detailed information about detected vulnerabilities
You can view detailed information about a vulnerability detected in an image. To do this, in the window with the image scan results, select the Vulnerabilities tab and click the link with the vulnerability entry identifier. The identifier is given in CVE-YYYY-X... format, where:
CVE is a prefix that indicates that the vulnerability is included in the database of known vulnerabilities and security defects.
YYYY is the year when the vulnerability was reported.
X... is the number assigned to the vulnerability by authorized bodies.
A separate window displays the following information about the detected vulnerability:
Vulnerability entry identifier
Vulnerability severity level
Description of the vulnerability and a link to additional information
Installed resource
Vulnerability severity score based on the CVSS open standard in the NVD, VDB, and RED OS vulnerability databases, as well as the final consolidated vulnerability severity score.
Russian general-purpose operating system RED OS supports scanning for vulnerabilities that can threaten the functioning of services and workstations.
The Data Security Threats Database (DSTD or VDB) is a national vulnerability database maintained by the Russian Federal Service for Technical and Export Control (FSTEC).
The National Vulnerability Database is the United States Government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol.
Common Vulnerability Scoring Systemis an open standard for scoring vulnerabilities. CVSS specifies a set of metrics and formulas for scoring vulnerability severity, with values from 0 (minimum) to 10 (maximum). CVSS allows you to allocate vulnerability response efforts based on vulnerability severity.
You can accept the risk of the vulnerability by clicking the Accept button.