Skip to main content
Vulnerability reports give you a real-time view of every known CVE across your Root-managed images and packages — which are patched, which are pending, and which have no fix available yet.

What’s Included

[Per-CVE status: patched, pending patch, not affected (VEX), no fix available. Severity breakdown, affected artifact count coming soon]

Report Format

[JSON and CSV export formats, field definitions, CVE metadata included coming soon]

Accessing Reports

[Root platform UI — per-image and per-package views; Root API — bulk export endpoint coming soon]

Filtering and Scoping

[Filter by ecosystem, severity, date range, specific image or package coming soon]

Integrating with SIEM and ASPM

[Webhook delivery, Splunk / Elastic ingest, integration with Wiz, Orca, Snyk coming soon]