Vulnerability scan for Docker containers
Questions tagged [clair]
27 questions
1
vote
1 answer
Is it possible to 'Security Scan' running docker containers that have been deployed to k8s?
We have harbor scanning containers before they have been deployed. Once they are scanned, we then deploy them to the platform (k8s).
Is there anyway to scan a container just say a few weeks down the line after it has been deployed? Without…
CPdev
- 375
- 2
- 5
- 20
1
vote
1 answer
Disable ipv6 for docker in Ubuntu 14.04
I have an issue with the docker daemon installed on an Ubuntu 14.04 VM. The logs reveal that ipv6 is enabled hence the docker seems to be listening on this ip address. Essentially, this effects Clair. I have made sure that ipv6 is disabled on the…
SyCode
- 1,077
- 4
- 22
- 33
0
votes
2 answers
Docker Static Analysis With Clair?
Who can help to deal with Docker Static Analysis With Clair?
I get an error when analyzing help me figure it out or tell me how to install the Docker Clair scanner correctly?
Getting Setup
git clone…
Georgy
- 15
- 4
0
votes
1 answer
Quay Clair - Could not get an output on scanning the container images
I'm new to the container security concept. I would like to find the vulnerabilities in the Container images using Quay Clair.
Note: I already tried the container vulnerability scanning using Anchore Engine(which is very straightforward); however,…
Lingom KSR
- 1
- 1
0
votes
1 answer
Redhat clair could not send notification via notifier
I'm currently looking that I can use clair to scan quayrepos.
Here some basic Informations:
Docker Version: 19.03.13
Docker API Version: 1.40
GO Version: go1.13.15
OS: redhat 7.9
Container Version (Redis,Postgres,Clair,Quay): latest
Storage:…
VallingSki
- 133
- 4
0
votes
1 answer
Fix vulnerabilities for Azure ACR
Can someone please advise on how to fix the vulnerabilities found by Klar using Clair scanner for my Azure ACR image. I'm still new to working with containers.
Here is a sample of the result from Klar
Found in: apparmor [2.10.95-0ubuntu2.11]
Fixed…
Jay chuks
- 389
- 1
- 5
- 18
0
votes
0 answers
How to communicate with a gitlab service container
I have the following .gitlab-ci.yml file:
stages:
- scan
scanning:
stage: scan
image: docker:19.03.6
services:
- name: arminc/clair-db:latest
- name: docker:dind
before_script:
- docker login -u $DOCKER_USERNAME -p…
0
votes
3 answers
ClaiR/Rascal: Best way to list public functions?
I am parsing an C++ header file using ClaiR and want to get a list of the public functions.
visit(ast) {
case \class(_, name(n), _, decs): {
println("class name: ");
isPublic = true;
for (dec <- decs) {
…
Matty
- 134
- 1
- 7
0
votes
1 answer
Rascal/Clair: Unable to access comments from M3
I try to iterate over all comments in a C++ source file, but I fail to access M3.comments.
I tried iprintln, for-, switch- and visit-statements.
iprintln(m3) gives the following output:
m3(
|file://bla.c|,
macroExpansions={},
…
Matty
- 134
- 1
- 7
0
votes
1 answer
Debian docker image bugs
I am using clair to scan my docker images and I see that there are a lot of High priority bugs flagged for my image python:2.7-stretch which is based off Debian:stretch. Now most of these are fixed in a newer version of stretch (called stretch…
devops84uk
- 691
- 2
- 6
- 20
0
votes
1 answer
Configuration to analyse docker-images with paclair for clair from nexus
I am looking for an example-configuration for paclair so I can run paclair to analyse docker images which I stored in a private Docker registry which is hosted in nexus.
At the moment I have the following configuration
General:
clair_url:…
user5832678
0
votes
1 answer
Clair startup error grpc: addrConn.resetTransport failed to create client transport: connection error
I am trying to run the clair docker image quay.io/coreos/clair-git:latest using docker-compose. when start the container it started throwing this message. not getting any response for name space query curl -v http://localhost:6060/v1/namespaces …
sfgroups
- 18,151
- 28
- 132
- 204