clair-scanner
clair-scanner copied to clipboard
arminc
Docker containers vulnerability scan
I have run a Clair scan on the `postgres:14.3` Docker image and it complains about an `openssl` vulnerability, which got fixed with the latest version (`1.1.1n-0+deb11u2`). And that version is...
Following the steps in the README https://github.com/arminc/clair-scanner#run with an ubuntu:21.10 image outputs 2022/03/29 18:19:46 [INFO] ▶ Start clair-scanner 2022/03/29 18:19:49 [INFO] ▶ Server listening on port 9279 2022/03/29 18:19:49 [INFO]...
The Badges at the top of the README show that this project is no longer maintained (since 2020). This most likely happened due to a missing update of the badge...
Clair scanner is reporting list of CVEs against image registry.access.redhat.com/ubi8/nodejs-12 and pointing to nodejs-14 advisory. So there are two issues I see here: 1. For nodejs image, it should consider...
Clair not working with Klar API. docker run -e CLAIR_ADDR="http://localhost:6060" -e CLAIR_OUTPUT=Unknown -e CLAIR_THRESHOLD=10 klar centos:7 clair timeout 1m0s docker timeout: 1m0s no whitelist file Analysing 1 layers Failed to...
Does Clair have the ability to stop while scanning an image?
Hello everyone, I am using clair scanner, and while i start the scan "**clair-scanner-master ./clair-scanner --ip 192.168.1.100 alpine:edge**" where 192.168.1.100 is my en0 address. i am running into below issue...
Currently if a single image and its single library (e.g. `glibc`) has multiple CVE's on the whitelist, only one of these CVE's will be considered by `clair-scanner` unless you put...
[CRIT] ▶ Could not analyze layer: Clair responded with a failure: Got response 400 with message {"Error":{"Message":"could not find layer"}}
I'm new to the container security concept. I would like to find the vulnerabilities in the Container images using Quay Clair. Note: I already tried the container vulnerability scanning using...
