View the results of your Mend CLI Container Image scan
Overview
Once your Mend CLI Container Image scan is completed, there are multiple resources provided to help you review, analyze, and triage your results.
Console results
The Mend CLI Container Image scan outputs a summary of the detected security vulnerabilities:
Field | Description |
|---|---|
| Displays the name of the library. An asterisk ( |
| The severity level of the detected vulnerability (Critical, High, Medium, Low), according to the score of the relevant vendor. To detect malicious packages, run an SCA scan directly on the public libraries. |
| Displays the version of the library in this image. |
| Displays the fixed version of the library in which this CVE is fixed. |
| DIsplays the details of the vulnerability, and a link to the CVE in Mend’s vulnerability database. |
Mend Cloud Native Application
Note: Only organization administrators can access the Mend Cloud Native Application UI.
Within the Mend Cloud Native Application, you can review each Mend CLI scan’s summary, details, and more. For more information on how to navigate the Mend Cloud Native Application, visit our Mend Cloud Native Application documentation:
Mend CLI Container Image Logs
The Mend CLI stores Container Image scan logs in the .mend/logs/cn directory.