Skip to content
This repository was archived by the owner on Jul 18, 2025. It is now read-only.
This repository was archived by the owner on Jul 18, 2025. It is now read-only.

Docker scan reporting just one vulnerability while anchore reporting much more - something wrong? #167

Open
Open
Docker scan reporting just one vulnerability while anchore reporting much more - something wrong?#167
@nithanda

Description

@nithanda
nithanda
opened on Jul 30, 2021

Description

docker scan reported only 1 vulnerability, while if i use anchore (syft), it reports 100+. Why results are so different - is it because with docker you are only showing limited?

docker scan xxxx

Testing xxxx...

✗ High severity vulnerability found in krb5-libs
Description: ELSA-2021-9294
Info: https://snyk.io/vuln/SNYK-ORACLE7-KRB5LIBS-1303151
Introduced through: krb5-libs@1.15.1-50.el7
From: krb5-libs@1.15.1-50.el7
Fixed in: 0:1.15.1-50.0.1.el7

Package manager: rpm
Project name: docker-image|xxxx
Docker image: xxxx
Platform: linux/amd64

Tested 215 dependencies for known vulnerabilities, found 1 vulnerability.

For more free scans that keep your images secure, sign up to Snyk at https://dockr.ly/3ePqVcp

Sample output from anchore (with same image)

NAME INSTALLED FIXED-IN VULNERABILITY SEVERITY
avro 1.10.1 CVE-2019-17195 Critical
bzip2 0.9.1 CVE-2005-1260 Medium
bzip2 0.9.1 CVE-2010-0405 Medium
bzip2 0.9.1 CVE-2011-4089 Medium
bzip2 0.9.1 CVE-2019-12900 Critical
click 6.7 CVE-2015-8768 Critical
client 1.20.19 CVE-2008-1106 High
client 1.20.19 CVE-2013-3705 Medium
client 1.20.19 CVE-2016-0799 Critical
client 1.20.19 CVE-2016-0800 Medium
client 1.20.19 CVE-2018-7687 High
client 1.22.5 CVE-2008-1106 High
client 1.22.5 CVE-2013-3705 Medium
client 1.22.5 CVE-2016-0799 Critical
client 1.22.5 CVE-2016-0800 Medium
client 1.22.5 CVE-2018-7687 High
common 1.22.5 CVE-2015-5723 High
common 1.10.10 CVE-2015-5723 High
common 1.20.19 CVE-2015-5723 High
common 0.5.65 CVE-2015-5723 High
common 1.13.32 CVE-2015-5723 High
commons-collections4 4.4 CVE-2013-1907 Medium
commons-collections4 4.4 CVE-2013-1908 Medium
commons-compress 1.20 CVE-2013-1907 Medium
commons-compress 1.20 CVE-2013-1908 Medium
commons-compress 1.20 CVE-2021-35515 High
commons-compress 1.20 CVE-2021-35516 High
commons-compress 1.20 CVE-2021-35517 High
commons-compress 1.20 CVE-2021-36090 High
commons-csv 1.8 CVE-2013-1907 Medium
commons-csv 1.8 CVE-2013-1908 Medium

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions