Extension does not return correct scan results on Windows 10. #77
Comments
|
Hi @AnandDJFrog, |
|
@sverdlov93 Excellent, thank you for looking into this 😁 |
|
Hi @sverdlov93, I believe a customer is facing this issue. Has this been resolved? |
|
Hi, @raphaelZaa the issue is already fixed and soon it will be released on JFrog Xray version. |
|
Thanks |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The Docker Desktop JFrog Extension does not work properly on Windows 10 machines. Image scans seem to be missing most or all vulnerabilities.
This problem can be demonstrated by Scanning the nginx:1.23.1 image, which is publicly available from DockerHub.
Using Artifactory 7.41.6 and Xray 3.52.4, when we scan the image nginx:1.23.1 using the "All Vulnerabilities" scanning policy, we get the following scan results.
The count of "critical" "high" "medium" and "low" vulnerabilities matches the counts when we generate a report for each severity level for this specific image (note in the screenshot above, the count by severity is organized from top to bottom critical to low while in the screenshot below the count is organized top to bottom low to critical).
When scanning from Windows 10 with the same settings, however, there are no vulnerabilities found at all.
I tried using the "Watches" scanning policy instead, however this resulted in the Image scan simply failing.
The text was updated successfully, but these errors were encountered: