View the results of your Mend CLI Container Image scan
Overview
Once your Mend CLI Container Image scan is completed, there are multiple resources provided to help you review, analyze, and triage your results.
Console results
The Mend CLI Container Image scan outputs a summary of the detected security vulnerabilities:
Field | Description |
|---|---|
| Displays the name of the library. An asterisk ( |
| The severity level of the detected vulnerability (Critical, High, Medium, Low), according to the score of the relevant vendor. To detect malicious packages, run an SCA scan directly on the public libraries. |
| Displays the version of the library in this image. |
| Displays the fixed version of the library in which this CVE is fixed. |
| DIsplays the details of the vulnerability, and a link to the CVE in Mend’s vulnerability database. |
Mend Platform Application
Within the Mend Platform Application, you can review each Mend CLI scan’s summary, details, and more.
Tags
During a Mend CLI scan of container images, a few scan tags will be added to each scan automatically, for improved scan management and traceability.
image.idimage.nameimage.tag
These tags will be visible for you in the platform UI:
Mend CLI Logs - Container Images
The Mend CLI stores Container Image scan logs in the .mend/logs/cn directory.