docker / scan-cli-plugin

Docker Scan is a command-line interface to run vulnerability detection on your Dockerfiles and Docker images.
Apache License 2.0

Feature: Display report by severity #222

Open tuladhar opened 1 year ago

tuladhar commented 1 year ago

Description

As an end-user, I would want to see a summary of vulnerabilities by severity level.

Describe the results you received:

puru@giantswarm ~/instaloader> docker scan instaloader:4.9.5
... SKIPPED

Tested 106 dependencies for known vulnerabilities, found 47 vulnerabilities.

For more free scans that keep your images secure, sign up to Snyk at https://dockr.ly/3ePqVcp

Describe the results you expected:

puru@giantswarm ~/instaloader> docker scan instaloader:4.9.5
... SKIPPED

Tested 106 dependencies for known vulnerabilities, found 47 vulnerabilities.

Summary by severity level:
  High: 0
  Medium: 0
  Low: 47

For more free scans that keep your images secure, sign up to Snyk at https://dockr.ly/3ePqVcp

Additional information you deem important (e.g. issue happens only occasionally):

Output of docker version:

Docker Desktop 4.14.1 (91661)

Output of docker scan --version:

Version:    v0.21.0
Git commit: 19992b1
Provider:   Snyk (1.1025.0)

Output of docker info: Not applicable.

Additional environment details (AWS, VirtualBox, physical, etc.): Not applicable.
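
One way to get the requested summary from the scanner's machine-readable output, as an added example that is not part of the issue or the project's code. It assumes the report comes from `docker scan --json IMAGE` and follows Snyk's JSON layout (a `vulnerabilities` array whose entries carry `id`, `packageName`, `version` and `severity`); the sample report is constructed.

```python
import json
import sys
from collections import Counter

LEVELS = ("critical", "high", "medium", "low")

def summarize(report):
    """Count unique vulnerabilities per severity level in a scan report."""
    # A scan may return one result object or a list of them (assumption).
    results = report if isinstance(report, list) else [report]
    seen, counts = set(), Counter()
    for result in results:
        for vuln in result.get("vulnerabilities", []):
            # The same issue can be listed once per dependency path; count it once.
            key = (vuln.get("id"), vuln.get("packageName"), vuln.get("version"))
            if key in seen:
                continue
            seen.add(key)
            sev = str(vuln.get("severity", "unknown")).lower()
            counts[sev if sev in LEVELS else "unknown"] += 1
    return counts

def render(counts):
    """Format the counts like the summary block requested in the issue."""
    lines = ["Summary by severity level:"]
    for level in LEVELS + ("unknown",):
        if level == "unknown" and not counts[level]:
            continue  # only show the bucket when something fell into it
        lines.append(f"  {level.capitalize()}: {counts[level]}")
    return "\n".join(lines)

# Constructed sample: the first two entries are one issue seen via two paths.
SAMPLE = {"vulnerabilities": [
    {"id": "SNYK-EXAMPLE-0001", "packageName": "libexample", "version": "1.0",
     "severity": "low", "from": ["app@1", "libexample@1.0"]},
    {"id": "SNYK-EXAMPLE-0001", "packageName": "libexample", "version": "1.0",
     "severity": "low", "from": ["app@1", "other@2", "libexample@1.0"]},
    {"id": "SNYK-EXAMPLE-0002", "packageName": "libother", "version": "2.3",
     "severity": "high", "from": ["app@1", "libother@2.3"]},
]}

if __name__ == "__main__":
    # Pipe a JSON report on stdin, or run without input to use the sample.
    data = SAMPLE if sys.stdin.isatty() else json.load(sys.stdin)
    print(render(summarize(data)))
```

Because entries are deduplicated by id, package and version, the totals can differ from a raw count of array entries when one issue is reachable through several dependency paths.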