cve-count
Max allowed violations for a given severity level.
| Provider | Level | Tags |
|---|---|---|
| cve | Warning | security |
Parameters
| Name | Default Value | Description |
|---|---|---|
level | critical | n/a |
max_count | 0 | n/a |
Messages
| Type | Message |
|---|---|
| Pass | Number of ${criterion.params.level} vulnerabilities is within limits. |
| Fail | Image has ${results.cve.${criterion.params.level}_count} ${criterion.params.level} CVEs (max allowed: ${criterion.params.max_count}). |
Playbook Example
rules:
- provider: cve
criterion: cve-count
options:
level: critical
max_count: 0
Condition
{
"<=": [
{
"get": [
{
"var": "results.cve"
},
{
"cat": [
{
"var": "criterion.params.level"
},
"_count"
]
}
]
},
{
"var": "criterion.params.max_count"
}
]
}