Thank you that it is already possible to scan Windows images even if it is still very slow.
However, I miss the OS level in the scan.
If an image is scanned with an outdated base image, at least a warning should be displayed.
It might also be possible to display the CVE directly from sources such as https://msrc.microsoft.com/update-guide/vulnerability
Only finds the outdated curl package in the image but that the Windows version is from November 13, 2018 (operating system build 17763.107) is not detected and displayed.
Thank you that it is already possible to scan Windows images even if it is still very slow.
However, I miss the OS level in the scan. If an image is scanned with an outdated base image, at least a warning should be displayed. It might also be possible to display the CVE directly from sources such as https://msrc.microsoft.com/update-guide/vulnerability
Example:
docker scout cves mcr.microsoft.com/windows/nanoserver:1809-KB4464455Only finds the outdated curl package in the image but that the Windows version is from November 13, 2018 (operating system build 17763.107) is not detected and displayed.
It is possible to read the Windows version from the image. Described e.g. in this article https://jamiemagee.co.uk/blog/scanning-windows-container-images-is-surprisingly-easy/