This repository has been archived by the owner on Nov 29, 2023. It is now read-only.

Docker scan reporting just one vulnerability while anchore reporting much more - something wrong? #167

Open
nithanda opened this issue Jul 30, 2021 · 2 comments

@nithanda

Description

docker scan reported only 1 vulnerability, while if I use anchore (syft), it reports 100+. Why are the results so different? Is it because with docker you are only showing a limited set?

docker scan xxxx

Testing xxxx...

✗ High severity vulnerability found in krb5-libs
  Description: ELSA-2021-9294
  Info: https://snyk.io/vuln/SNYK-ORACLE7-KRB5LIBS-1303151
  Introduced through: krb5-libs@1.15.1-50.el7
  From: krb5-libs@1.15.1-50.el7
  Fixed in: 0:1.15.1-50.0.1.el7

Package manager: rpm
Project name: docker-image|xxxx
Docker image: xxxx
Platform: linux/amd64

Tested 215 dependencies for known vulnerabilities, found 1 vulnerability.

For more free scans that keep your images secure, sign up to Snyk at https://dockr.ly/3ePqVcp


Sample output from anchore (with the same image):

NAME                  INSTALLED  FIXED-IN  VULNERABILITY   SEVERITY
avro                  1.10.1               CVE-2019-17195  Critical
bzip2                 0.9.1                CVE-2005-1260   Medium
bzip2                 0.9.1                CVE-2010-0405   Medium
bzip2                 0.9.1                CVE-2011-4089   Medium
bzip2                 0.9.1                CVE-2019-12900  Critical
click                 6.7                  CVE-2015-8768   Critical
client                1.20.19              CVE-2008-1106   High
client                1.20.19              CVE-2013-3705   Medium
client                1.20.19              CVE-2016-0799   Critical
client                1.20.19              CVE-2016-0800   Medium
client                1.20.19              CVE-2018-7687   High
client                1.22.5               CVE-2008-1106   High
client                1.22.5               CVE-2013-3705   Medium
client                1.22.5               CVE-2016-0799   Critical
client                1.22.5               CVE-2016-0800   Medium
client                1.22.5               CVE-2018-7687   High
common                1.22.5               CVE-2015-5723   High
common                1.10.10              CVE-2015-5723   High
common                1.20.19              CVE-2015-5723   High
common                0.5.65               CVE-2015-5723   High
common                1.13.32              CVE-2015-5723   High
commons-collections4  4.4                  CVE-2013-1907   Medium
commons-collections4  4.4                  CVE-2013-1908   Medium
commons-compress      1.20                 CVE-2013-1907   Medium
commons-compress      1.20                 CVE-2013-1908   Medium
commons-compress      1.20                 CVE-2021-35515  High
commons-compress      1.20                 CVE-2021-35516  High
commons-compress      1.20                 CVE-2021-35517  High
commons-compress      1.20                 CVE-2021-36090  High
commons-csv           1.8                  CVE-2013-1907   Medium
commons-csv           1.8                  CVE-2013-1908   Medium

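The two reports above, as an added example that is not part of this issue, of docker/scan-cli-plugin, Snyk or Anchore: a small Python script that parses both output formats, counts findings per severity, and joins them on (package, version, vulnerability id) so that what only one scanner reported is visible instead of just two totals. The embedded inputs are rows trimmed from the issue's own output; the krb5-libs row in the anchore table is constructed (the issue does not show anchore finding it) so that a non-empty FIXED-IN column and an overlap between the two scanners are exercised. The parsers assume only the two text layouts quoted in the issue (the table layout is the one grype prints; the issue itself only says "anchore").

```python
"""Diff two scanner reports for one image: what each saw, and what only one saw.
Added example for this issue; not code from docker/scan-cli-plugin, Snyk or Anchore.
"""
import re
from collections import Counter
from dataclasses import dataclass

# Constructed sample: rows trimmed from the anchore table in the issue, plus a
# krb5-libs row that is NOT in the issue, added to exercise a non-empty FIXED-IN
# column and the overlap logic below.
ANCHORE_OUTPUT = """\
NAME INSTALLED FIXED-IN VULNERABILITY SEVERITY
avro 1.10.1 CVE-2019-17195 Critical
bzip2 0.9.1 CVE-2005-1260 Medium
bzip2 0.9.1 CVE-2019-12900 Critical
click 6.7 CVE-2015-8768 Critical
client 1.20.19 CVE-2016-0799 Critical
client 1.22.5 CVE-2016-0799 Critical
common 1.22.5 CVE-2015-5723 High
commons-collections4 4.4 CVE-2013-1907 Medium
commons-compress 1.20 CVE-2021-35515 High
commons-csv 1.8 CVE-2013-1907 Medium
krb5-libs 1.15.1-50.el7 0:1.15.1-50.0.1.el7 ELSA-2021-9294 High
"""

# Constructed sample: the docker scan output from the issue, trimmed.
DOCKER_SCAN_OUTPUT = """\
Testing xxxx...

✗ High severity vulnerability found in krb5-libs
  Description: ELSA-2021-9294
  Introduced through: krb5-libs@1.15.1-50.el7
  Fixed in: 0:1.15.1-50.0.1.el7

Package manager: rpm
Tested 215 dependencies for known vulnerabilities, found 1 vulnerability.
"""


@dataclass(frozen=True)
class Finding:
    package: str
    version: str
    vuln_id: str
    severity: str
    fixed_in: str = ""

    @property
    def key(self):
        """Identity used to match one finding across both scanners."""
        return (self.package, self.version, self.vuln_id)


def parse_anchore_table(text):
    """Parse a NAME/INSTALLED/FIXED-IN/VULNERABILITY/SEVERITY table. FIXED-IN is
    blank when no fix is known, so a row has 4 or 5 whitespace-separated tokens."""
    findings = []
    for line in text.splitlines()[1:]:  # skip the header row
        tokens = line.split()
        if len(tokens) in (4, 5):
            fixed_in = tokens[2] if len(tokens) == 5 else ""
            findings.append(Finding(tokens[0], tokens[1], tokens[-2], tokens[-1], fixed_in))
    return findings


_HEADER = re.compile(r"^✗ (\S+) severity vulnerability found in (\S+)")
_FIELD = re.compile(r"^\s*(Description|Introduced through|Fixed in|Package manager): (.+)$")
_TESTED = re.compile(r"^Tested (\d+) dependencies")


def parse_docker_scan(text):
    """Parse docker scan's text output into findings plus scan metadata."""
    findings, meta, current = [], {}, None
    for line in text.splitlines():
        if m := _HEADER.match(line):
            current = {"severity": m.group(1), "package": m.group(2),
                       "version": "", "vuln_id": "", "fixed_in": ""}
            findings.append(current)
        elif m := _TESTED.match(line):
            meta["tested"] = int(m.group(1))
        elif m := _FIELD.match(line):
            name, value = m.group(1), m.group(2).strip()
            if name == "Package manager":
                meta["package_manager"] = value
            elif current is None:
                continue  # field before any finding header: ignore
            elif name == "Description":
                current["vuln_id"] = value
            elif name == "Introduced through":
                current["package"], _, current["version"] = value.partition("@")
            elif name == "Fixed in":
                current["fixed_in"] = value
    return [Finding(**f) for f in findings], meta


def severity_counts(findings):
    """Number of findings per severity label."""
    return Counter(f.severity for f in findings)


def compare(left, right):
    """Split two finding lists into shared, left-only and right-only keys."""
    lk, rk = {f.key for f in left}, {f.key for f in right}
    return {"both": sorted(lk & rk), "only_left": sorted(lk - rk), "only_right": sorted(rk - lk)}


if __name__ == "__main__":
    anchore = parse_anchore_table(ANCHORE_OUTPUT)
    docker, meta = parse_docker_scan(DOCKER_SCAN_OUTPUT)
    diff = compare(anchore, docker)
    print("anchore:", dict(severity_counts(anchore)), sorted({f.package for f in anchore}))
    print("docker scan:", dict(severity_counts(docker)), meta)
    print("seen by both:", diff["both"], "only anchore:", len(diff["only_left"]))
```

Run it as-is, or replace the two embedded strings with the output of `docker scan` and of anchore's scanner on a real image. The point of the join is the first check a practitioner should make before treating either count as wrong: docker scan's own footer above says it inspected the `rpm` package manager, while most of the anchore rows (avro, click, commons-*) carry names that look like application-level artifacts rather than rpm packages, so listing which packages each scanner reported on makes that coverage difference visible.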
@nithanda nithanda changed the title Docker scan reporting just one vulnerability while anchore reporting so many - something wrong? Docker scan reporting just one vulnerability while anchore reporting much more - something wrong? Jul 30, 2021
@nithanda
Author

nithanda commented Aug 2, 2021

Any updates to this issue?

@mat007
Member

mat007 commented Aug 3, 2021

Hi @nithanda,
Docker Scan is a Docker CLI plugin wrapping Snyk which actually implements the scanning.
It looks like you may want to ask your question directly at https://github.com/snyk/snyk/, maybe?
