Do you have a suggestion for code improvement or tracking existing technical debt? Please describe.
We currently only scan GA LTS versions of our images as part of our security scans and CVE documentation.
This can lead to missing CVEs that are present in prerelease versions, especially if they are not also present in GA versions.
Describe the solution you'd like
We should scan, and open issues for, all released images, including prerelease images.
Additional Context
9678 is a PR that addresses CVEs in v1.18.0-beta1, but there is no directly corresponding issue.
9669 is the issue for v1.16.6 which led to the CVE scanning of v1.18.0-beta1 and identified an additional CVE that was not found in v1.16.6.
Gloo Portal has logic for accommodating prerelease versions in scans here
Also note that we should probably scan distroless images as well.
Adding those scans may fit neatly into this issue or may need to be a separate issue.
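As an added example (not code from the Gloo repo or the Gloo Portal logic referenced above), a tag selector that keeps prerelease images in scope: per major.minor line it picks the newest GA tag and, when enabled, the newest prerelease that is newer than that GA, so a tag like v1.18.0-beta1 is scanned even when its line has no GA build yet; `includePrerelease=false` reproduces the GA-only selection this issue describes. The `tag` type, `ScanTargets` and the sample tag names are constructed for this example.

```go
package main

import (
	"regexp"
	"sort"
	"strconv"
)

// tag is a parsed release tag such as "v1.18.0-beta1": pre is empty for a GA build; num packs
// major.minor.patch as (major*1e6+minor*1e3+patch)*2, +1 for GA (each component < 1000).
type tag struct{ raw, pre string; num int }
var tagRe = regexp.MustCompile(`^v(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?$`)

// ScanTargets returns, newest first, the latest GA tag of each major.minor line and, when
// includePrerelease is set, the latest prerelease newer than that GA (older prereleases are superseded).
func ScanTargets(raw []string, includePrerelease bool) []string {
	var tags []tag
	for _, r := range raw {
		m := tagRe.FindStringSubmatch(r)
		if m == nil {
			continue // not a vMAJOR.MINOR.PATCH[-PRERELEASE] tag (e.g. "latest")
		}
		t := tag{raw: r, pre: m[4]}
		for _, part := range m[1:4] {
			n, _ := strconv.Atoi(part) // digits-only by the regexp, so Atoi cannot fail
			t.num = t.num*1000 + n
		}
		if t.num *= 2; t.pre == "" {
			t.num++ // a GA build ranks above every prerelease of the same version
		}
		tags = append(tags, t)
	}
	// Newest first; equal versions compare the suffix lexically (beta1 < beta2 < rc1, but beta10 < beta2).
	sort.Slice(tags, func(i, j int) bool {
		return tags[i].num > tags[j].num || tags[i].num == tags[j].num && tags[i].pre > tags[j].pre
	})
	seenGA, seenPre := map[int]bool{}, map[int]bool{} // keyed by major.minor line
	var out []string
	for _, t := range tags {
		if line := t.num / 2000; t.pre == "" && !seenGA[line] {
			seenGA[line] = true
			out = append(out, t.raw)
		} else if t.pre != "" && includePrerelease && !seenGA[line] && !seenPre[line] {
			seenPre[line] = true // newest prerelease of the line, not superseded by a GA build
			out = append(out, t.raw)
		}
	}
	return out
}
```

A prerelease suffix compared lexically is a simplification; a scanner that must order beta10 against beta2 should parse the numeric part of the suffix.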