SubImage: Open-Core Alternative to Wiz

Vulnerability Management

SubImage shows risk context and actionable fixes, not just vulnerability counts.

subimage / vulnerabilities

Action Items23

CVEs152

Search packages...

Package

CVEs

Installed version(s)

Fixed version(s)

Severity

KEVinternet-exposed

5.6.1-r1

5.6.1-r2

1C2M2L

lodash

internet-exposedaffects 2 base images

4.17.154.17.20

4.17.21

2H1M

minimist

internet-exposed

1.2.50.2.3

1.2.60.2.4

zlib

1.3.1-r0

1.3.1-r1

1H1M

cross-spawn

affects 6 base images

7.0.4

7.0.5

1H3L

aiohttp

3.10.10

3.10.11

PyJWT

2.10.02.10.12.11.0

2.12.0

rack

internet-exposed

2.2.83.0.9

2.2.8.13.0.9.1

rdoc

6.6.36.5.1

6.6.3.16.5.1.16.4.1.16.3.4.1

urllib3

2.2.11.26.18

2.2.21.26.19

requests

2.31.0

2.32.0

rexml

3.3.8

3.3.9

perl-module-scandeps

1.36-r0

1.37-r0

Exploitability-aware prioritization

Is the vulnerable package in a running container? Is that container internet-exposed? Is there a path from it to sensitive data? If not, it drops in priority.

Actionable fix paths

We show the fewest actions to fix the most risk. You see every container and image affected, whether the package is inherited from a base image, and the exact version that resolves it.

Compliance and security alignment

GRC teams get exportable compliance reports with risk breakdowns. Security engineers get the graph view showing which vulns sit on actual attack paths.