AWS Inspector2/Enhanced Scanning Uses Image Tags to Detect OS

0

Hi,

I am currently trialing Enhanced Scanning with our ECR repos. What I have identified is, it seems Inspector2 is inferring some information from tags, and using that to detect the OS.

For example, see this screenshot -> https://imgur.com/a/VBDNSqL. I have uploaded a container with base image of Oracle Linux 8, with the tag "latest5". ECR is taking the "5" as the OS version, and treating this container as Oracle Linux 5.

You can see in the screenshot also, the CVE's report, and the OS they affect are RHEL 5/6.

I am trying to understand if this is expected behavior or a bug in ECR?

Cheers!

Aucune réponse

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions