scout-cli
scout-cli copied to clipboard
docker
Docker Scout CLI
Hello. Docker scout version is 1.16.1. If a license of a component of the image is encoded as a SPDX license expression, in the generated CycloneDX SBOM for the image...
Hi, I'm the maintainer of the mageia Linux images, and I noticed that the security scan in Docker Hub reports no vulnerabilities for them. What can be done so these...
Given Dockerfile ```Dockerfile FROM ubuntu:22.04 RUN apt-get update && apt-get install -y python3-cryptography ``` When I run ``` ../.docker/scout/docker-scout cves --only-cve-id CVE-2023-50782 --locations scout-testing:latest ``` I get in the output:...
When creating an SBOM file with the _docker scout sbom --format cyclonedx ..._ command, I noticed that a component links its own file (.dll) as a subcomponent. Example of a...
When I try to scan locally built Docker images with the Docker Scout _GUI_, then I get a security report. However, when I use the Docker Scout CLI, then it...
Hi, For non-desktop installations of Docker, I want Docker Scout to also autoupdate, so that I can manage hosts more effectively.
The three different methods for managing Docker Scout (Docker Desktop vs. automated Docker Scout install shell script vs. manual Docker Scout extraction), use different directory structures. The first two methods...
I have been attempting to bypass some vulnerabilities on the Microsoft SDK from mcr.microsoft.com/dotnet/[email protected]. I have created three documents, each with a statement targeting a separate vulnerability (CVE-2025-26646, CVE-2025-55247, CVE-2025-59375)....
Docker Scout treats images vulnerable to CVE-2025-11579 as having a clean bill of health with no CVE's. Whereas Snyk Container identifies this, and other CVE's in the Snyk Vulnerability Database....
Docker Scout with `fs://.` should obey `.dockerignore` patterns when considering which SBOM directories and file paths to scan, and which to skip. There should also be a command line flag...