scan-cli-plugin
scan-cli-plugin copied to clipboard
Published
20 hours ago •
docker
docker
Scan <IMAGE_ID> fails to scan the image.
Description
When running docker scan with the IMAGE ID rather than the name, it seems the scan can't find the image.
Steps to reproduce the issue:
- ensure you are logged in with
docker loginusing a team or pro account - Pull the
docker/getting-startedimage - run
docker imagesand grab a hash fromIMAGE IDcolumn. - try and scan that image with
docker scan <IMAGE ID>, don't use the name.
Got the following error message:
Failed to scan image "33173ccd2867". Please make sure the image and/or repository exist, and that you are using the correct credentials.
Expected to get the scan results, the same as I do when I do docker scan <IMAGE name>
shaunmulligan@Shauns-MacBook-Pro ~ % docker scan docker/getting-started
Testing docker/getting-started...
✗ Low severity vulnerability found in curl/libcurl
Description: Authentication Bypass
Info: https://snyk.io/vuln/SNYK-ALPINE313-CURL-1246357
Introduced through: curl/[email protected], curl/[email protected]
From: curl/[email protected]
From: curl/[email protected] > curl/[email protected]
From: curl/[email protected]
Fixed in: 7.76.0-r0
✗ Medium severity vulnerability found in openssl/libcrypto1.1
Description: NULL Pointer Dereference
Info: https://snyk.io/vuln/SNYK-ALPINE313-OPENSSL-1089240
Introduced through: openssl/[email protected], openssl/[email protected], apk-tools/[email protected], libtls-standalone/[email protected], ca-certificates/ca-certificates@20191127-r5, curl/[email protected], nginx/[email protected]
From: openssl/[email protected]
Output of docker version:
Client:
Cloud integration: 1.0.15
Version: 20.10.6
API version: 1.41
Go version: go1.16.3
Git commit: 370c289
Built: Fri Apr 9 22:46:57 2021
OS/Arch: darwin/arm64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.6
API version: 1.41 (minimum version 1.12)
Go version: go1.13.15
Git commit: 8728dd2
Built: Fri Apr 9 22:44:13 2021
OS/Arch: linux/arm64
Experimental: false
containerd:
Version: 1.4.4
GitCommit: 05f951a3781f4f2c1911b05e61c160e9c30eaa8e
runc:
Version: 1.0.0-rc93
GitCommit: 12644e614e25b05da6fd08a38ffa0cfe1903fdec
docker-init:
Version: 0.19.0
GitCommit: de40ad0
Output of docker scan --version:
Version: v0.8.0
Git commit: 35651ca
Provider: Snyk (1.563.0)
Output of docker info:
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Build with BuildKit (Docker Inc., v0.5.1-docker)
compose: Docker Compose (Docker Inc., 2.0.0-beta.2)
scan: Docker Scan (Docker Inc., v0.8.0)
Server:
Containers: 1
Running: 1
Paused: 0
Stopped: 0
Images: 1
Server Version: 20.10.6
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc io.containerd.runc.v2 io.containerd.runtime.v1.linux
Default Runtime: runc
Init Binary: docker-init
containerd version: 05f951a3781f4f2c1911b05e61c160e9c30eaa8e
runc version: 12644e614e25b05da6fd08a38ffa0cfe1903fdec
init version: de40ad0
Security Options:
seccomp
Profile: default
Kernel Version: 5.10.25-linuxkit
Operating System: Docker Desktop
OSType: linux
Architecture: aarch64
CPUs: 4
Total Memory: 1.942GiB
Name: docker-desktop
ID: PK67:XOVR:MUHZ:PWB7:5PLX:XRPV:3UMX:GIRF:LRHK:BTH5:HTSB:MRS5
Docker Root Dir: /var/lib/docker
Debug Mode: false
HTTP Proxy: http.docker.internal:3128
HTTPS Proxy: http.docker.internal:3128
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
Additional environment details (AWS, VirtualBox, physical, etc.): This was done on a brand new MacBook Pro M1 after setting up docker.
