Closed bluefriday closed 2 years ago
CentOS does not publish any sort of security database, so these are the expected results.
Hello, why not using RHEL7 security database on CENTOS7 distributions ? versions are exactly the same. Same applies for RHEL6 and RHEL8.
According to the CentOS maintainers, they are not the same.
Description of Problem / Feature Request
I scanned for using clairctl and clair latest version about centos image But clair returned no CVEs result. The results were the same even when using a different version of Claire, and no vulnerability was found even if the Centos version was changed.
Expected Outcome
Clair detect CVEs about centos image.
Actual Outcome
Clair does not detect CVEs about centos image.
Environment
uname -a
): Linux clair-vm 4.19.0-18-cloud-amd64 Debian 4.19.208-1 (2021-09-29) x86_64 GNU/Linuxkubectl version
): Only use docker. (Docker 20.10.12)clairctl command result (after clairctl manifest)
clairctl -o json command result (after clairctl manifest)
clair container log
clair config