diff --git a/cli/cmd/vulnerability.go b/cli/cmd/vulnerability.go
index 08e504d12..e9c4f81ee 100644
--- a/cli/cmd/vulnerability.go
+++ b/cli/cmd/vulnerability.go
@@ -46,6 +46,9 @@ var (
 // display extended details about a vulnerability scan/report
 Details bool
+
+ // display only fixable vulnerabilities
+ Fixable bool
 }{PollInterval: time.Second * 5}
 // vulnerability represents the vulnerability command
@@ -297,6 +300,12 @@ func init() {
 vulReportCmd.Flags(),
 )
+ setFixableFlag(
+ vulScanRunCmd.Flags(),
+ vulScanShowCmd.Flags(),
+ vulReportCmd.Flags(),
+ )
+
 vulReportCmd.Flags().BoolVar(
 &vulCmdState.ImageID, "image_id", false,
 "tread the provided sha256 hash as image id",
@@ -314,6 +323,16 @@ func setPollFlag(cmds ...*flag.FlagSet) {
 }
 }
+func setFixableFlag(cmds ...*flag.FlagSet) {
+ for _, cmd := range cmds {
+ if cmd != nil {
+ cmd.BoolVar(&vulCmdState.Fixable, "fixable", false,
+ "display only fixable vulnerabilities",
+ )
+ }
+ }
+}
+
 func setDetailsFlag(cmds ...*flag.FlagSet) {
 for _, cmd := range cmds {
 if cmd != nil {
@@ -427,7 +446,7 @@ func buildVulnerabilityReport(report *api.VulContainerReport) string {
 })
 t.Render()
- if vulCmdState.Details {
+ if vulCmdState.Details || vulCmdState.Fixable {
 mainReport.WriteString(buildVulnerabilityReportDetails(report))
 mainReport.WriteString("\n")
 } else {
@@ -476,6 +495,9 @@ func vulContainerImageLayersToTable(image *api.VulContainerImage) [][]string {
 for _, layer := range image.ImageLayers {
 for _, pkg := range layer.Packages {
 for _, vul := range pkg.Vulnerabilities {
+ if vulCmdState.Fixable && vul.FixVersion == "" {
+ continue
+ }
 space := regexp.MustCompile(`\s+`)
 createdBy := space.ReplaceAllString(layer.CreatedBy, " ")
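Review bot: The help string registered in setFixableFlag, `"display only fixable vulnerabilities"`, does not tell the user what the flag really does. Judging by the other hunks, "fixable" means a non-empty `FixVersion`, and the flag also switches the report to the details view. I would say so in the help text, for example `"only show vulnerabilities that have a fix version (also enables the details view)"`. The new function also has no doc comment; something like `// setFixableFlag registers the fixable flag on every non-nil flag set; all of them write to vulCmdState.Fixable` would record that the three commands share one variable.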
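Review bot: In buildVulnerabilityReport the new condition sends `--fixable` runs into the details branch, but the summary table rendered by `t.Render()` just above is built outside this hunk and nothing visible here applies the same filter to it. If that summary still counts vulnerabilities without a fix, the totals will not match the rows listed, and a reader may take the shorter list for the image's full exposure. I would say that the output is filtered, e.g. `if vulCmdState.Fixable { mainReport.WriteString("Only vulnerabilities with a fix version are listed below.\n") }` before the details are written, or compute the counts from the filtered set. The function starts and ends outside the hunk.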
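Review bot: The filter added to vulContainerImageLayersToTable reads the package-level `vulCmdState.Fixable` from inside a helper that otherwise only shapes data. That hides the dependency from callers and makes it awkward to unit-test both modes. Filtering the vulnerabilities before the table is built, or passing the choice in as an argument, would keep the helper pure. The test `vul.FixVersion == ""` also counts any non-empty string as a fix; whether the API can return whitespace or a placeholder there is not visible in this diff, but if it can, `strings.TrimSpace(vul.FixVersion) == ""` is the safer comparison. The loop body continues outside the hunk.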