In [80]:
from dataclasses import dataclass


@dataclass
class ToolsReport:
    cve_bin_tool: int
    docker_scout: int
    docker_scout_sbom: int
    grype: int
    grype_sbom: int
    snyk: int
    trivy: int
    trivy_sbom: int

In [81]:
import os


def get_latest_file_in_folder(folder_path: str) -> str:
    files = os.listdir(folder_path)
    return folder_path + "/" + sorted(files)[-1]

In [82]:
import json

from schemas.cve import CVE


def read_vulnerabilities_from_file(report_path: str) -> list[CVE]:
    with open(report_path, "r") as txt:
        vulnerabilities = json.load(txt)
    return list(map(lambda raw_vulnerability: CVE(**raw_vulnerability), vulnerabilities))

In [83]:
def get_reports_on_images(image_name: str) -> ToolsReport:
    folder = f"reports/{image_name}"

    cve_bin_tool_latest_report = get_latest_file_in_folder(folder + "/cve-bin-tool")
    docker_scout_latest_report = get_latest_file_in_folder(folder + "/docker-scout")
    docker_scout_sbom_latest_report = get_latest_file_in_folder(folder + "/docker-scout-sbom")
    grype_latest_report = get_latest_file_in_folder(folder + "/grype")
    grype_sbom_latest_report = get_latest_file_in_folder(folder + "/grype-sbom")
    snyk_latest_report = get_latest_file_in_folder(folder + "/snyk")
    trivy_latest_report = get_latest_file_in_folder(folder + "/trivy")
    trivy_sbom_latest_report = get_latest_file_in_folder(folder + "/trivy-sbom")

    cve_bin_tool_vulnerability: list[CVE] = read_vulnerabilities_from_file(cve_bin_tool_latest_report)
    docker_scout_vulnerability: list[CVE] = read_vulnerabilities_from_file(docker_scout_latest_report)
    docker_scout_sbom_vulnerability: list[CVE] = read_vulnerabilities_from_file(docker_scout_sbom_latest_report)
    grype_vulnerability: list[CVE] = read_vulnerabilities_from_file(grype_latest_report)
    grype_sbom_vulnerability: list[CVE] = read_vulnerabilities_from_file(grype_sbom_latest_report)
    snyk_vulnerability: list[CVE] = read_vulnerabilities_from_file(snyk_latest_report)
    trivy_vulnerability: list[CVE] = read_vulnerabilities_from_file(trivy_latest_report)
    trivy_sbom_vulnerability: list[CVE] = read_vulnerabilities_from_file(trivy_sbom_latest_report)

    return ToolsReport(
        cve_bin_tool=cve_bin_tool_vulnerability,
        docker_scout=docker_scout_vulnerability,
        docker_scout_sbom=docker_scout_sbom_vulnerability,
        grype=grype_vulnerability,
        grype_sbom=grype_sbom_vulnerability,
        snyk=snyk_vulnerability,
        trivy=trivy_vulnerability,
        trivy_sbom=trivy_sbom_vulnerability,
    )

In [84]:
images = os.listdir("reports")
images = list(filter(lambda image: not image.startswith("."), images))

In [85]:
data = {
    "Image": [],
    "CVE-bin-tool": [],
    "Docker Scout": [],
    "Docker Scout SBOM": [],
    "Grype": [],
    "Grype SBOM": [],
    "Snyk": [],
    "Trivy": [],
    "Trivy SBOM": [],
}

In [86]:
for image in images:
    image_report = get_reports_on_images(image)

    data["Image"].append(image)
    data["CVE-bin-tool"].append(len(image_report.cve_bin_tool))
    data["Docker Scout"].append(len(image_report.docker_scout))
    data["Docker Scout SBOM"].append(len(image_report.docker_scout_sbom))
    data["Grype"].append(len(image_report.grype))
    data["Grype SBOM"].append(len(image_report.grype_sbom))
    data["Snyk"].append(len(image_report.snyk))
    data["Trivy"].append(len(image_report.trivy))
    data["Trivy SBOM"].append(len(image_report.trivy_sbom))

In [87]:
data

{'Image': ['tensorflow_tensorflow:nightly',
  'vulhub_adminer:4.7.8',
  'karljohns0n_nginx-more:php-8.2-nodejs',
  'pheblar_flask_python_currency-weather_app:8149f6b91098ab20986e2f92e83d4606232d3bdd',
  'genedna_mega:mono-ui-0.1-pre-release',
  'dockerhubaneo_armonik_pollingagent:0.33.0-SNAPSHOT.53.edf2da3a',
  'consul:1.15.4',
  'mateuszskowron21_metrics-exporter:v1.0',
  'vulhub_aria2:1.18.8',
  'httpd:2.4.62',
  'vulhub_celery:3.1.23',
  'snilsumelis_hello-world-for-argocd:eb3214e',
  'mariadb:11',
  'jfcoz_blog:sha-b4a1160',
  'vulhub_git:2.12.2-with-openssh',
  'busybox:1.37',
  'registry:2',
  'hexlo_terraria-tmodloader-server:0.1.0.0',
  'rabbitmq:4',
  'ubuntu:25.04',
  'memcached:1.6.32',
  'vulhub_bash:4.3.0-with-httpd',
  'redis:7.4',
  'kolejka_satori:judge',
  'vulhub_activemq:5.17.3',
  'node:23',
  'alpine:3.20',
  'centos:centos7',
  'postgres:16.6',
  'icoy_kube-combo-base:v0.0.7-amd64',
  'torizon_qt6-wayland-imx8:4-rc',
  'upswot_upswot.api:6.0.2.0',
  'rezcarbon_mem

In [88]:
import pandas as pd


df = pd.DataFrame(data)

In [89]:
df

Unnamed: 0,Image,CVE-bin-tool,Docker Scout,Docker Scout SBOM,Grype,Grype SBOM,Snyk,Trivy,Trivy SBOM
0,tensorflow_tensorflow:nightly,88,1510,1510,2025,2036,465,1762,53
1,vulhub_adminer:4.7.8,106,212,212,3658,3658,1587,3666,178
2,karljohns0n_nginx-more:php-8.2-nodejs,363,7,7,297,622,0,5,7
3,pheblar_flask_python_currency-weather_app:8149...,16,11,11,13,13,0,11,11
4,genedna_mega:mono-ui-0.1-pre-release,5,0,0,0,0,0,0,0
5,dockerhubaneo_armonik_pollingagent:0.33.0-SNAP...,0,24,24,72,72,158,77,11
6,consul:1.15.4,37,50,50,77,77,0,43,43
7,mateuszskowron21_metrics-exporter:v1.0,13,32,32,103,103,216,103,14
8,vulhub_aria2:1.18.8,276,0,0,468,468,1222,309,73
9,httpd:2.4.62,18,38,38,132,132,288,135,20


In [90]:
paper_data = {
    "Image": [],
    "Trivy": [],
    "CVE-bin-tool": [],
    "Unique CVE-bin-tool": []
}

In [91]:
from utils.cve_utils import find_unique_vulnerabilities


for image in images:
    image_report = get_reports_on_images(image)

    paper_data["Image"].append(image)
    paper_data["Trivy"].append(len(image_report.trivy))
    paper_data["CVE-bin-tool"].append(len(image_report.cve_bin_tool))
    paper_data["Unique CVE-bin-tool"].append(
        len(find_unique_vulnerabilities(
            image_report.trivy,
            image_report.cve_bin_tool,
        ))
    )

In [92]:
paper_data

{'Image': ['tensorflow_tensorflow:nightly',
  'vulhub_adminer:4.7.8',
  'karljohns0n_nginx-more:php-8.2-nodejs',
  'pheblar_flask_python_currency-weather_app:8149f6b91098ab20986e2f92e83d4606232d3bdd',
  'genedna_mega:mono-ui-0.1-pre-release',
  'dockerhubaneo_armonik_pollingagent:0.33.0-SNAPSHOT.53.edf2da3a',
  'consul:1.15.4',
  'mateuszskowron21_metrics-exporter:v1.0',
  'vulhub_aria2:1.18.8',
  'httpd:2.4.62',
  'vulhub_celery:3.1.23',
  'snilsumelis_hello-world-for-argocd:eb3214e',
  'mariadb:11',
  'jfcoz_blog:sha-b4a1160',
  'vulhub_git:2.12.2-with-openssh',
  'busybox:1.37',
  'registry:2',
  'hexlo_terraria-tmodloader-server:0.1.0.0',
  'rabbitmq:4',
  'ubuntu:25.04',
  'memcached:1.6.32',
  'vulhub_bash:4.3.0-with-httpd',
  'redis:7.4',
  'kolejka_satori:judge',
  'vulhub_activemq:5.17.3',
  'node:23',
  'alpine:3.20',
  'centos:centos7',
  'postgres:16.6',
  'icoy_kube-combo-base:v0.0.7-amd64',
  'torizon_qt6-wayland-imx8:4-rc',
  'upswot_upswot.api:6.0.2.0',
  'rezcarbon_mem

In [93]:
import pandas as pd
paper_df = pd.DataFrame(paper_data)

In [94]:
paper_df

Unnamed: 0,Image,Trivy,CVE-bin-tool,Unique CVE-bin-tool
0,tensorflow_tensorflow:nightly,1762,88,87
1,vulhub_adminer:4.7.8,3666,106,72
2,karljohns0n_nginx-more:php-8.2-nodejs,5,363,363
3,pheblar_flask_python_currency-weather_app:8149...,11,16,3
4,genedna_mega:mono-ui-0.1-pre-release,0,5,5
5,dockerhubaneo_armonik_pollingagent:0.33.0-SNAP...,77,0,0
6,consul:1.15.4,43,37,24
7,mateuszskowron21_metrics-exporter:v1.0,103,13,11
8,vulhub_aria2:1.18.8,309,276,231
9,httpd:2.4.62,135,18,17


In [95]:
min_value = paper_df["Unique CVE-bin-tool"].min()
max_value = paper_df["Unique CVE-bin-tool"].max()
median_value = paper_df["Unique CVE-bin-tool"].median()

In [96]:
print(f"Min value: {min_value}")
print(f"Max value: {max_value}")
print(f"Median value: {median_value}")

Min value: 0
Max value: 415
Median value: 40.0


In [97]:
most_pulled_images = [
    "memcached:1.6.32",
    "tensorflow_tensorflow:nightly",
    "nginx:1.27",
    "busybox:1.37",
    "alpine:3.20",
    "ubuntu:25.04",
    "redis:7.4",
    "postgres:16.6",
    "python:3.13",
    "node:23",
    "httpd:2.4.62",
    "mongo:8.0",
    "rabbitmq:4",
    "mariadb:11",
    "registry:2",
    "debian:12",
    "php:8.2",
    "centos:centos7",
    "influxdb:1.11.8",
    "consul:1.15.4",
]

In [98]:
paper_most_pulled_data = {
    "Image": [],
    "Trivy": [],
    "CVE-bin-tool": [],
    "Unique CVE-bin-tool": []
}

In [99]:
for image in most_pulled_images:
    image_report = get_reports_on_images(image)

    paper_most_pulled_data["Image"].append(image)
    paper_most_pulled_data["Trivy"].append(len(image_report.trivy))
    paper_most_pulled_data["CVE-bin-tool"].append(len(image_report.cve_bin_tool))
    paper_most_pulled_data["Unique CVE-bin-tool"].append(
        len(find_unique_vulnerabilities(
            image_report.trivy,
            image_report.cve_bin_tool,
        ))
    )

In [100]:
paper_most_pulled_df = pd.DataFrame(paper_most_pulled_data)

In [101]:
paper_most_pulled_df

Unnamed: 0,Image,Trivy,CVE-bin-tool,Unique CVE-bin-tool
0,memcached:1.6.32,80,0,0
1,tensorflow_tensorflow:nightly,1762,88,87
2,nginx:1.27,159,67,55
3,busybox:1.37,0,0,0
4,alpine:3.20,0,4,4
5,ubuntu:25.04,0,34,34
6,redis:7.4,138,52,8
7,postgres:16.6,224,50,6
8,python:3.13,1565,112,97
9,node:23,1530,111,96


In [102]:
max_most_pulled_value = paper_most_pulled_df["Unique CVE-bin-tool"].max()
median_most_pulled_value = paper_most_pulled_df["Unique CVE-bin-tool"].median()

In [103]:
print(f"Most pulled images, max: {max_most_pulled_value}")
print(f"Most pulled images, median: {median_most_pulled_value}")

Most pulled images, max: 415
Most pulled images, median: 29.0


In [43]:
vulnerable_images = [
    "vulhub_activemq:5.17.3",
    "vulhub_adminer:4.7.8",
    "vulhub_apisix:2.9",
    "vulhub_appweb:7.0.1",
    "vulhub_aria2:1.18.8",
    "vulhub_bash:4.3.0-with-httpd",
    "vulhub_cacti:1.2.22",
    "vulhub_celery:3.1.23",
    "vulhub_cups-browsed:2.0.1",
    "vulhub_git:2.12.2-with-openssh",
]

In [44]:
paper_vulhub_data = {
    "Image": [],
    "Trivy": [],
    "CVE-bin-tool": [],
    "Unique CVE-bin-tool": []
}

In [45]:
for image in vulnerable_images:
    image_report = get_reports_on_images(image)

    paper_vulhub_data["Image"].append(image)
    paper_vulhub_data["Trivy"].append(len(image_report.trivy))
    paper_vulhub_data["CVE-bin-tool"].append(len(image_report.cve_bin_tool))
    paper_vulhub_data["Unique CVE-bin-tool"].append(
        len(find_unique_vulnerabilities(
            image_report.trivy,
            image_report.cve_bin_tool,
        ))
    )

In [46]:
paper_vulhub_df = pd.DataFrame(paper_vulhub_data)

In [47]:
paper_vulhub_df

Unnamed: 0,Image,Trivy,CVE-bin-tool,Unique CVE-bin-tool
0,vulhub_activemq:5.17.3,404,184,85
1,vulhub_adminer:4.7.8,3666,106,72
2,vulhub_apisix:2.9,1208,790,415
3,vulhub_appweb:7.0.1,498,339,294
4,vulhub_aria2:1.18.8,309,276,231
5,vulhub_bash:4.3.0-with-httpd,258,231,196
6,vulhub_cacti:1.2.22,3909,153,79
7,vulhub_celery:3.1.23,311,331,273
8,vulhub_cups-browsed:2.0.1,2005,138,94
9,vulhub_git:2.12.2-with-openssh,560,221,105


In [55]:
max_vulnerable_images = paper_vulhub_df["Unique CVE-bin-tool"].max()
median_vulnerable_images = paper_vulhub_df["Unique CVE-bin-tool"].median()

In [56]:
print(f"Max vulnerable images: {max_vulnerable_images}")
print(f"Median vulnerable images: {median_vulnerable_images}")

Max vulnerable images: 415
Median vulnerable images: 150.5


In [73]:
random_images = [
    "1maa_erlang:21-alpine",
    "adysis_vector:v1.0.1",
    "besscroft_picimpact:v2.0.2",
    "breuner_elbencho:master-ubuntu1804",
    "dockerhubaneo_armonik_pollingagent:0.33.0-SNAPSHOT.53.edf2da3a",
    "domboeckli_sdjpa-hibernate-dao:0.0.1_feature_fix_h2_console-SNAPSHOT",
    "elsamhaa_alpine:1",
    "enmanuelmoreira_docker-ansible-debian:12-arm64",
    "frostfree_kittygram_backend:v0.1",
    "genedna_mega:mono-ui-0.1-pre-release",
    "hexlo_terraria-tmodloader-server:0.1.0.0",
    "icoy_kube-combo-base:v0.0.7-amd64",
    "jarebear_hbni-audio-archive:2025.03.23.13",
    "jfcoz_blog:sha-b4a1160",
    "karljohns0n_nginx-more:php-8.2-nodejs",
    "kolejka_satori:judge",
    "mateuszskowron21_metrics-exporter:v1.0",
    "myonara_webmud3:unitopia",
    "nathstevo97_ckan:302234cc4b597c3b0c8aa35e443f0a35f24cf169",
    "ngshiheng_cafireshistorydb:20250413",
    "passimx_chats-frontend:0.0.1",
    "phatluu313_el-fe:0ebef20b",
    "pheblar_flask_python_currency-weather_app:8149f6b91098ab20986e2f92e83d4606232d3bdd",
    "w3io_w3-runtime:fd97f250b78da05a9811ac997fdb46bfcc08faac",
    "rezcarbon_memorycortex:1.1.9-fixed",
    "snilsumelis_hello-world-for-argocd:eb3214e",
    "socrata_java-focal:17",
    "solvworld_web-app:1.0",
    "torizon_qt6-wayland-imx8:4-rc",
    "upswot_upswot.api:6.0.2.0",
]

In [74]:
paper_random_data = {
    "Image": [],
    "Trivy": [],
    "CVE-bin-tool": [],
    "Unique CVE-bin-tool": []
}

In [75]:
for image in random_images:
    image_report = get_reports_on_images(image)

    paper_random_data["Image"].append(image)
    paper_random_data["Trivy"].append(len(image_report.trivy))
    paper_random_data["CVE-bin-tool"].append(len(image_report.cve_bin_tool))
    paper_random_data["Unique CVE-bin-tool"].append(
        len(find_unique_vulnerabilities(
            image_report.trivy,
            image_report.cve_bin_tool,
        ))
    )

In [76]:
paper_random_df = pd.DataFrame(paper_random_data)

In [77]:
paper_random_df

Unnamed: 0,Image,Trivy,CVE-bin-tool,Unique CVE-bin-tool
0,1maa_erlang:21-alpine,33,29,13
1,adysis_vector:v1.0.1,127,5,5
2,besscroft_picimpact:v2.0.2,8,13,13
3,breuner_elbencho:master-ubuntu1804,0,132,132
4,dockerhubaneo_armonik_pollingagent:0.33.0-SNAP...,77,0,0
5,domboeckli_sdjpa-hibernate-dao:0.0.1_feature_f...,8,36,36
6,elsamhaa_alpine:1,77,4,0
7,enmanuelmoreira_docker-ansible-debian:12-arm64,861,54,40
8,frostfree_kittygram_backend:v0.1,1990,171,83
9,genedna_mega:mono-ui-0.1-pre-release,0,5,5


In [78]:
max_paper_random = paper_random_df["Unique CVE-bin-tool"].max()
median_paper_random = paper_random_df["Unique CVE-bin-tool"].median()

In [79]:
print(f"Random images, max: {max_paper_random}")
print(f"Random images, median: {median_paper_random}")

Random images, max: 363
Random images, median: 38.5
