Scan Docker image vulnerabilities using Clair, Klar, Docker Registry and Traefik

Edgar Halbert

May 6, 2020·6 min read

Problem: Need to verify Docker image vulnerabilities

Solution: use the open source tool Clair (https://github.com/quay/clair)

Clair is an open source project for the static analysis of already known vulnerabilities in containers. It pulls the known vulnerabilities from various sources such as:

• Debian Security Bug Tracker
• Red Hat Security Data
• Ubuntu CVE Tracker