Uploaded image for project: 'Clair'
  1. Clair
  2. CLAIRDEV-110

Quay 3.13.0 Clair 4.8.0 can't report Ruby HIGH image vulnerability

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Not a Bug
    • Icon: Undefined Undefined
    • None
    • clair-4.8.0
    • None
    • None
    • False
    • Hide

      None

      Show
      None
    • False

      Description:

      This is an issue found in Quay 3.13 with Clair 4.8.0, after pushed image with Ruby High Image vulnerability to Quay and scanned by Clair, check the vulnerability report, found can't show the Ruby HIGH image vulnerability "CVE-2024-49761", pls review this issue.

      Clair: 4.8.0

      Test Image: docker.io/ruby:3.3.5-bullseye

      Expected Ruby HIGH Image Vulnerability:

      Quay 3.13 with Clair 4.8.0:

        1. image-2024-11-07-17-00-36-145.png
          image-2024-11-07-17-00-36-145.png
          211 kB
        2. image-2024-11-07-17-01-35-438.png
          image-2024-11-07-17-01-35-438.png
          67 kB

              Unassigned Unassigned
              lzha1981 luffy zhang
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: