--- title: Public Artifact Vulnerabilities description: >- Look up CVE and vulnerability information for Datadog's publicly available artifacts. breadcrumbs: >- Docs > Reducing Data Related Risks > Security Guides > Public Artifact Vulnerabilities --- # Public Artifact Vulnerabilities {% callout %} ##### Join the Preview! Public Artifact Vulnerabilities is in Preview.Request Access {% /callout %} ## Overview{% #overview %} The Public Artifact Vulnerabilities page lets you view vulnerability and response information for Datadog's publicly available artifacts and libraries. Use it to look up: - Which vulnerabilities affect a given artifact (by image/version) - Which artifacts are affected by a given CVE - Status, justification, impact, and action statements for each vulnerability ## How to access{% #how-to-access %} The Public Artifact Vulnerabilities page is accessible through the Help page under **Public Artifact Vulnerabilities**. {% image source="https://docs.dd-static.net/images/data_security/public_artifact_vulnerabilities/help-page.62279c95871c42e02efcf6c1fde89739.png?auto=format&fit=max&w=850 1x, https://docs.dd-static.net/images/data_security/public_artifact_vulnerabilities/help-page.62279c95871c42e02efcf6c1fde89739.png?auto=format&fit=max&w=850&dpr=2 2x" alt="Help page with Public Artifact Vulnerabilities link" /%} {% image source="https://docs.dd-static.net/images/data_security/public_artifact_vulnerabilities/public-artifact-vulnerabilities-page.cfab076a2c5f9704e38cbecdf6678546.png?auto=format&fit=max&w=850 1x, https://docs.dd-static.net/images/data_security/public_artifact_vulnerabilities/public-artifact-vulnerabilities-page.cfab076a2c5f9704e38cbecdf6678546.png?auto=format&fit=max&w=850&dpr=2 2x" alt="Public Artifact Vulnerabilities page" /%} ## Using the page{% #using-the-page %} ### Look up by image and version (artifact-centric){% #look-up-by-image-and-version-artifact-centric %} Use this to see all vulnerabilities for a specific artifact and version (for example, the Datadog Agent image version 7.52.0). - **Image**: Choose an artifact from the **Image** dropdown (for example, agent, cluster-agent, synthetic-private-location-worker). The list is built from available public artifacts. - **Version**: Choose a **Version** for that image. Versions are sorted by newest first. The table loads and shows one row per vulnerability affecting that image/version. **Table columns (by image/version):** | Column | Purpose | | ---------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Severity | Severity of the vulnerability (for example, Critical, High, Medium, Low, and Info). | | Vulnerability | CVE or vulnerability identifier and name. | | Platform | Platform(s) the statement applies to (for example, Linux, Windows). The platform column also shows the list of variants affected by the CVE (for example, fips, jmx, and servercore). | | Status | Current status: for example, Not affected, Affected, Fixed, and Under investigation. | | Additional Information | More information on the status of the CVE and justification of the status if needed. For example, if the status is component_not_present, this column explains why the CVE does not affect the artifact and how that conclusion was reached. Some statuses, such as Under investigation, do not have additional information because the impact is still being analyzed. | You can use the search/filter box above the table to filter these rows by keyword. {% image source="https://docs.dd-static.net/images/data_security/public_artifact_vulnerabilities/by-image-version.93a7d26b717a6b324ca10e922d36cc7b.png?auto=format&fit=max&w=850 1x, https://docs.dd-static.net/images/data_security/public_artifact_vulnerabilities/by-image-version.93a7d26b717a6b324ca10e922d36cc7b.png?auto=format&fit=max&w=850&dpr=2 2x" alt="Look up by image and version" /%} ### Look up by CVE (CVE-centric){% #look-up-by-cve-cve-centric %} Use this to find which artifacts/versions are affected and the status for each. 1. In the search box at the top of the table, enter one or more CVE IDs (for example, `CVE-2024-1234` or `CVE-2024-1234, CVE-2024-5678` for multiple). 1. Click **Find CVE in artifacts**. The table switches to CVE mode and shows one row per (CVE, artifact, version, status) combination. **Table columns (by CVE):** | Column | Purpose | | ---------------------- | ----------------------------------------------------------------------------------------------------------- | | CVE | The CVE ID. | | Artifact Name | Name of the artifact (for example, agent, library name). | | Version | Version of the artifact. | | Platform | Platform(s) for this row (for example, Linux, Windows). | | Status | Status for this CVE/artifact/version (for example, Not affected, Affected, Fixed, and Under investigation). | | Additional Information | More information on the status of the CVE and justification of the status if needed. | After you search for a CVE, the table filter clears so all returned rows are visible. You can type in the search box again to filter the current result set. {% image source="https://docs.dd-static.net/images/data_security/public_artifact_vulnerabilities/by-cve.58c56fb7d03d33ad1a2d733254431d94.png?auto=format&fit=max&w=850 1x, https://docs.dd-static.net/images/data_security/public_artifact_vulnerabilities/by-cve.58c56fb7d03d33ad1a2d733254431d94.png?auto=format&fit=max&w=850&dpr=2 2x" alt="Look up by CVE" /%} ## Available artifacts (images){% #available-artifacts-images %} The **Image** dropdown is populated from the list of tracked public artifacts. If an expected artifact is missing, contact [Datadog Support](https://docs.datadoghq.com/help) to request that it be added. ## Options and actions on the page{% #options-and-actions-on-the-page %} | Option or action | Description | | -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------- | | **Search / global filter** | Filter table rows by any text. In "by image/version" mode, the same search box is used before clicking **Find CVE in artifacts** to run a CVE lookup. | | **Find CVE in artifacts** | Runs a CVE lookup using the current search box value (supports comma-separated CVE IDs). Only relevant when you want to look up by CVE. | | **Pagination** | Use the table pagination to move through large result sets (for example, 50 rows per page). | | **Resizable columns** | You can resize column widths for readability. |