Prisma Cloud Compute: How to identify relevant packages affected by a vulnerability

Users may ask for information about vulnerabilities they have found in their environment.
They might be reporting a vulnerability without knowing exactly where it originates.
This is one way to identify the packages affected by a vulnerability.

• Prisma Cloud Enterprise Edition all versions
• Prisma Cloud Compute Edition all versions

1. Go to Compute > Monitor > Vulnerabilities > Images/Hosts/Functions and localize the resource where the vulnerability is being observed:

2. Open the resource by clicking on it to show the vulnerabilities:

3. Search for the reported package in the Description section and take note of its version. Then, go to the Package Info tab and search for that specific version (e.g., Go version 1.18.3). There, you will find details such as the source package, path, and additional information about where Go 1.18.3 is present.

4. Research on the internet about the source package and path to find out information about the affected packages.