clair-scanner icon indicating copy to clipboard operation
clair-scanner copied to clipboard
verified publisher icon arminc

Scanning Ubuntu 21.10 does find any vulnerabilities (it should)

Open dsheng3 opened this issue 3 years ago • 0 comments

Following the steps in the README https://github.com/arminc/clair-scanner#run with an ubuntu:21.10 image outputs

2022/03/29 18:19:46 [INFO] ▶ Start clair-scanner 2022/03/29 18:19:49 [INFO] ▶ Server listening on port 9279 2022/03/29 18:19:49 [INFO] ▶ Analyzing b1033c67e4415b4700fc07b2b79ec6c3266b8b5ff8f47f2f5925198d2b70b8b2 2022/03/29 18:19:49 [INFO] ▶ Image [ubuntu:21.10] contains NO unapproved vulnerabilities

I would expect at least some vulnerabilites, e.g.

  • zlib is installed in an affected version https://ubuntu.com/security/CVE-2018-25032.
  • zlib vulnerability is detected correctly with ubuntu:20.04

dsheng3 avatar Mar 29 '22 16:03 dsheng3