Skip to content

Instantly share code, notes, and snippets.

@renatomefi

renatomefi/Article-dockerfile-security-scan-clair-v2.0.0.md

Created September 17, 2018 18:19
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save renatomefi/97fe871a8a04762ea25c8ee50ca48ed9 to your computer and use it in GitHub Desktop.
Save renatomefi/97fe871a8a04762ea25c8ee50ca48ed9 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Article-dockerfile-security-scan-clair-v2.0.0.md 
$ clair-scanner --ip 172.17.0.1 quay.io/coreos/clair:v2.0.0
2018/09/17 20:15:31 [INFO] ▶ Start clair-scanner
2018/09/17 20:15:35 [INFO] ▶ Server listening on port 9279
2018/09/17 20:15:35 [INFO] ▶ Analyzing 30784cae2b30e82860239f7de81fc755f69bc58a77d52c2d8318ac1162247f66
2018/09/17 20:15:35 [INFO] ▶ Analyzing 858cb12d7179e8919fe9eb4d9235f3c6c5b42a3a990b4bc4d98b7d065cd6d410
2018/09/17 20:15:35 [INFO] ▶ Analyzing dcb049bb3bf0b86e0066e3aed414200c380d6d5ca00fd583ed958b2ac897596c
2018/09/17 20:15:35 [INFO] ▶ Analyzing 8c676d6c9c7d6b0b5d635bda83b80bea5ee2464ef7c5f22540c541d6345f7713
2018/09/17 20:15:35 [INFO] ▶ Analyzing 97d0cd0812dcf22015d9ffb01bc8d634765aab9774a134daedd75456abc3490a
2018/09/17 20:15:35 [INFO] ▶ Analyzing ea9c1b92c10ef25434adf1a68b87bd82830286fca881dcef5d11df9ce84847b3
2018/09/17 20:15:35 [INFO] ▶ Analyzing 8e833c84ae69e4b594b1a811ca6ff864978c16e6af5e1b77fea849925ebd473e
2018/09/17 20:15:35 [INFO] ▶ Analyzing 5a87f814fecd48eeaa48fe1e297d1c387bd847df0163abec11524d6652c17383
2018/09/17 20:15:35 [INFO] ▶ Analyzing 09cb24ad349c66ba5c9236bc69989bdd4cd2b372ea14864ce447015764ca7448
2018/09/17 20:15:35 [INFO] ▶ Analyzing bffa9ff882d899de59088348fe84ced01b08273ca5cf43e4a6720d3af61d98a7
2018/09/17 20:15:35 [INFO] ▶ Analyzing 7f0939de87238ec34f57a6b94a5907b1812c290db4d8d7dcde7b53bea8594dab
2018/09/17 20:15:36 [INFO] ▶ Analyzing af148d7eed8f49d6991b3883e865b3f934f153c089f0cb97c78df25ecf1b8a36
2018/09/17 20:15:36 [WARN] ▶ Image [quay.io/coreos/clair:v2.0.0] contains 13 total vulnerabilities
2018/09/17 20:15:36 [ERRO] ▶ Image [quay.io/coreos/clair:v2.0.0] contains 13 unapproved vulnerabilities
+------------+-------------------------+--------------+-----------------+-----------------------------------------------------------------+
| STATUS     | CVE SEVERITY            | PACKAGE NAME | PACKAGE VERSION | CVE DESCRIPTION                                                 |
+------------+-------------------------+--------------+-----------------+-----------------------------------------------------------------+
| Unapproved | High CVE-2016-9841      | zlib         | 1.2.8-r2        |                                                                 |
|            |                         |              |                 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9841    |
+------------+-------------------------+--------------+-----------------+-----------------------------------------------------------------+
| Unapproved | High CVE-2016-9843      | zlib         | 1.2.8-r2        |                                                                 |
|            |                         |              |                 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9843    |
+------------+-------------------------+--------------+-----------------+-----------------------------------------------------------------+
| Unapproved | High CVE-2017-1000158   | python2      | 2.7.13-r0       |                                                                 |
|            |                         |              |                 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158 |
+------------+-------------------------+--------------+-----------------+-----------------------------------------------------------------+
| Unapproved | Medium CVE-2017-14166   | libarchive   | 3.2.2-r1        |   https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166 |
+------------+-------------------------+--------------+-----------------+-----------------------------------------------------------------+
| Unapproved | Medium CVE-2018-11233   | git          | 2.11.2-r0       |   https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11233 |
+------------+-------------------------+--------------+-----------------+-----------------------------------------------------------------+
| Unapproved | Medium CVE-2017-1000117 | git          | 2.11.2-r0       |                                                                 |
|            |                         |              |                 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000117 |
+------------+-------------------------+--------------+-----------------+-----------------------------------------------------------------+
| Unapproved | Medium CVE-2017-16544   | busybox      | 1.25.1-r0       |   https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16544 |
+------------+-------------------------+--------------+-----------------+-----------------------------------------------------------------+
| Unapproved | Medium CVE-2017-15873   | busybox      | 1.25.1-r0       |   https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15873 |
+------------+-------------------------+--------------+-----------------+-----------------------------------------------------------------+
| Unapproved | Medium CVE-2017-9233    | expat        | 2.2.0-r0        |   https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9233  |
+------------+-------------------------+--------------+-----------------+-----------------------------------------------------------------+
| Unapproved | Medium CVE-2016-9840    | zlib         | 1.2.8-r2        |   https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9840  |
+------------+-------------------------+--------------+-----------------+-----------------------------------------------------------------+
| Unapproved | Medium CVE-2018-11235   | git          | 2.11.2-r0       |   https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11235 |
+------------+-------------------------+--------------+-----------------+-----------------------------------------------------------------+
| Unapproved | Medium CVE-2017-15650   | musl         | 1.1.15-r6       |   https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15650 |
+------------+-------------------------+--------------+-----------------+-----------------------------------------------------------------+
| Unapproved | Medium CVE-2016-9842    | zlib         | 1.2.8-r2        |   https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9842  |
+------------+-------------------------+--------------+-----------------+-----------------------------------------------------------------+
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment