Skip to main content

GET /api/advisories

Returns a list of advisories that the Pastures Engine has identified as relevant to the connected clusters. Advisories cover security vulnerabilities, deprecations, configuration drift, and operational recommendations.

Request

Headers

HeaderRequiredDescription
AuthorizationNoBearer <api-key> (if configured)
No request body is required.

Response

The Engine may return advisories in one of two formats. The extension normalizes both. Wrapped format: 
{
  "advisories": [
    {
      "id": "ADV-2026-0042",
      "severity": "CRITICAL",
      "title": "CVE-2026-1234: Container runtime RCE in containerd < 1.7.14",
      "relevance": "3 of 5 clusters are running containerd 1.7.11",
      "recommended_action": "Upgrade containerd to 1.7.14 or later on affected nodes",
      "created_at": "2026-04-20T14:30:00Z"
    },
    {
      "id": "ADV-2026-0039",
      "severity": "HIGH",
      "title": "Kubernetes v1.27 end-of-life in 30 days",
      "relevance": "Cluster prod-us-west-2 is running v1.27.9",
      "recommended_action": "Plan upgrade to v1.28 or v1.29 before support ends",
      "created_at": "2026-04-18T09:15:00Z"
    },
    {
      "id": "ADV-2026-0035",
      "severity": "MEDIUM",
      "title": "Default PodSecurityPolicy detected",
      "relevance": "Namespace 'default' uses the unrestricted PSP on 2 clusters",
      "recommended_action": "Migrate to Pod Security Admission with a 'restricted' profile",
      "created_at": "2026-04-15T11:00:00Z"
    },
    {
      "id": "ADV-2026-0028",
      "severity": "LOW",
      "title": "Unused ConfigMaps consuming etcd storage",
      "relevance": "142 orphaned ConfigMaps found across all clusters",
      "recommended_action": "Review and remove unused ConfigMaps to reduce etcd size",
      "created_at": "2026-04-10T16:45:00Z"
    },
    {
      "id": "ADV-2026-0025",
      "severity": "INFO",
      "title": "New Rancher v2.9.1 release available",
      "relevance": "Current Rancher version is v2.8.5",
      "recommended_action": "Review the changelog and plan an upgrade at your convenience",
      "created_at": "2026-04-08T08:00:00Z"
    }
  ]
}
Array format (also accepted): 
[
  { "id": "ADV-2026-0042", "severity": "CRITICAL", "..." : "..." }
]

Response Fields

FieldTypeDescription
idstringUnique advisory identifier.
severitystringOne of CRITICAL, HIGH, MEDIUM, LOW, INFO.
titlestringShort description of the advisory.
relevancestringWhy this advisory matters to the current environment.
recommended_actionstringSuggested remediation step.
created_atstringISO 8601 timestamp of when the advisory was created.

Severity Levels

SeverityDescription
CRITICALImmediate action required — active exploit risk or data loss
HIGHAction required soon — significant security or stability risk
MEDIUMShould be addressed — configuration or compliance concern
LOWMinor improvement — optimization or cleanup opportunity
INFOInformational — awareness only, no action needed