Why vulnerabilities are being ignored from mounted volume when volume is not mounted?

Created On 01/21/25 21:05 PM - Last Modified 01/22/25 23:44 PM


Question


Why vulnerabilities are being ignored from mounted volume when volume is not mounted?

  • Scan reports can be checked in the GUI under Monitor > Vulnerabilities > Images > Deployed > <click on the image> > Package info


Environment


Prisma Cloud Runtime Security

Kubernetes 



Answer


We skip mounted volumes because we only scan images and not the host. In the defender logs, we can see that the mounted volume path is being ignored:

DEBU <DATE>T<TIMESTAMP> augment_static_linux.go:149 DEBU <DATE>T<TIMESTAMP> Ignoring path '<mounted path>'

To scan that directory, remove VOLUME /<MOUNTED VOLUME PATH> from the Dockerfile. If you are not actually mounting the volume, remove the VOLUME /<MOUNTED VOLUME PATH> line anyway, as that line alone makes the defender treat the path as a mounted volume and skip it.
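A quick way to see which paths an image scan will leave out before looking at the defender logs, as an added example that is not part of this article or of Prisma Cloud: a small Python script that lists the paths declared by VOLUME instructions in a Dockerfile and flags any directory you expect to be scanned that sits under one of them. The sample Dockerfile is constructed for the example.

```python
import json
import re

# Constructed sample Dockerfile (not from the article): one VOLUME in
# shell form and one in JSON exec form, plus application code under /opt/app.
SAMPLE_DOCKERFILE = """\
FROM python:3.12-slim
# Application code lives here and should be covered by the image scan
COPY app /opt/app
VOLUME /var/lib/app-data
VOLUME ["/opt/app/plugins", \\
        "/tmp/cache"]
CMD ["python", "/opt/app/main.py"]
"""


def volume_paths(dockerfile_text):
    """Return the paths declared by VOLUME instructions, in order.

    Handles the shell form (VOLUME /a /b), the JSON form (VOLUME ["/a", "/b"]),
    comment lines and backslash line continuations.
    """
    # Join backslash-continued lines so each instruction is one logical line
    logical = re.sub(r"\\\r?\n", " ", dockerfile_text)
    paths = []
    for line in logical.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if parts[0].upper() != "VOLUME" or len(parts) < 2:
            continue
        arg = parts[1].strip()
        if arg.startswith("["):
            paths.extend(json.loads(arg))   # JSON exec form
        else:
            paths.extend(arg.split())       # whitespace-separated shell form
    return paths


def unscanned_dirs(dockerfile_text, dirs_to_scan):
    """Pair each directory that falls under a VOLUME path with that volume."""
    volumes = volume_paths(dockerfile_text)
    skipped = []
    for directory in dirs_to_scan:
        for vol in volumes:
            if directory == vol or directory.startswith(vol.rstrip("/") + "/"):
                skipped.append((directory, vol))
                break
    return skipped


if __name__ == "__main__":
    for directory, vol in unscanned_dirs(SAMPLE_DOCKERFILE, ["/opt/app", "/opt/app/plugins"]):
        print(f"{directory} is under VOLUME {vol}; it will be ignored by the image scan")
```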



Additional Information


N/A
