Closed asankaf closed 8 months ago
Thanks @asankaf for this report. I have an idea where this is coming. Let us dig in. I’ll report back once we have a fix in place.
Hi @asankaf This should be resolved now. If you have a second I would appreciate you running it again to verify.
Thanks again for the detailed report!
Hi @whostolebenfrog, I can confirm that the issue is fixed now.
We tried executing
docker scout cves
on one of our docker images and got some confusing findings on the package shown in the screenshot here. We are using the latest non-vulnerable version of the package as you can see from the version numbers (They are exactly the same), butdocker scout cves
still tells us that the vulnerability still exists.Any idea as to why is it behaving like that? Is it because of the existence of the revision number in the package version (v2.88.6.0 vs v2.88.6)?
/Asanka