Closed suhalvemu closed 1 year ago
hm, dont think dive has a CVE scanner? Anyway, what you ask for is implemented in trivy and docker scout.
Actually Trivy does not support layer wise scanning. I am not sure about docker scout. But since we are able to show what is present in layers of docker, can we integrate trivy and provide a feature for showing CVE at each layer.
Scout has layer scanning. The problem is not the layers, the problem is the scanning. You would need the logic to detect packages and even worse you needs useful CVE database. I think that is not on the scope of dive, but I could be wrong :)
makes sense.
What would you like to be added: At each layer if there any vulnerabilities present at the time of scanning we can show/display the CVE ID's for better vulnerability detection
Why is this needed: It gives the health of image and helps us with better information in vulnerability scanning. Additional context: