Container Registry allows you to perform security scan on some fundamental Linux-based images. You can scan your images with only one click. The scan time varies depending on the image size. Generally, it takes less than three minutes to scan one image.
Currently, only some Linux-based images are supported, and only images built based on the following base images can obtain the scan results.
- Ubuntu: 12.04 or later
- RedHat: 5, 6, and 7
- CentOS: 5, 6, and 7
- Oracle: 5, 6, and 7
- Debian: 7, 8, 9, and 10
- Alpine: 3.3, 3.4, 3.5, and 3.6
Log on to the Container Registry console.
Select the region.
Click Manage at the right of an image repository to enter the repository details page.
Click Image Versions in the left-side navigation pane.
Click Security Scan at the right of the image version.
Trigger the security scan of the security image. After a moment, an image vulnerability report is displayed.
After an image security scan is completed, a vulnerability report is generated as follows.
Vulnerability information is categorized into four levels: High, Medium, Low, and Unknown. Vulnerability details and the corresponding bug fix versions are displayed.