Configure Vulnerability Settings

You can configure projects so that images with vulnerabilities cannot be run, and to automatically scan images as soon as they are pushed into the project.

1. Log in to the Harbor interface with an account that has at least project administrator privileges.

2. Go to Projects and select a project.

3. Select the Configuration tab.

4. To prevent vulnerable images under the project from being pulled, select the Prevent vulnerable images from running checkbox.

   

5. Select the severity level of vulnerabilities to prevent images from running.

   Images cannot be pulled if their level is equal to or higher than the selected level of severity. Harbor does not prevent images with a vulnerability severity of negligible from running.

6. To activate an immediate vulnerability scan on new images that are pushed to the project, select the Automatically scan images on push check box.