Skip to content

v1.11.0

Marketplace
Marketplace
Compare
Choose a tag to compare
@github-actions github-actions released this 24 Jul 08:22
· 6 commits to main since this release
v1.11.0
c854600
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

Highlights

  • Filter CVEs listed in the CISA Known Exploited Vulnerabilities catalog. 
    uses: docker/scout-action@v1
with:
  command: cves
  image: [IMAGE]
  only-cisa-kev: true

Bug Fixes / Improvements

  • Allow VEX matching when no subcomponents.
  • Fix panic when attaching an invalid VEX document.
  • Fix SPDX document root.
  • Fix base image detection when image uses SCRATCH as the base image.

Contributors

@cdupuis @LaurentGoderre @felipecruz91

Assets 2
Loading