Skip to content

/ anchore-engine

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add busybox vulnerability scanning support for the platform itself #340

Closed
zhill opened this issue Feb 19, 2020 · 0 comments
Closed

Add busybox vulnerability scanning support for the platform itself #340

zhill opened this issue Feb 19, 2020 · 0 comments
Labels
P2 enhancement good first issue

Comments

@zhill
Copy link
Member

@zhill zhill commented Feb 19, 2020

Currently, engine does not support matching vulnerabilities against the busybox "package" itself. Detected applications are scanned (npm, python, java, etc), but because there aren't os packages as with Centos, Deb, etc there is no "os package" vuln scanning support.

The solution is to add a virtual package to the anchore analysis for the busybox binary itself, which anchore already detects as the distro and distro version in the image metadata output, and use that for vulnerability matching against NVD data.
@nurmi nurmi mentioned this issue Jul 27, 2020
Merged
@nurmi nurmi closed this in 3d7acef Jul 29, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
P2 enhancement good first issue
Projects
None yet
Milestone
No milestone
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
1 participant
@zhill
You can’t perform that action at this time.