[CentOS] Package security scanner for CentOS docker containers

Sun Jun 3 01:51:24 UTC 2018
Traiano Welcome <traiano at gmail.com>

Hi List,

I’m looking for a command line package security scanner for CentOS docker

Is there any utility out there for checking alpine packages in an alpine
docker container against the cve database?

Tools similar to debsecan would be ideal (https://github.com/allthings/
debsecan), i.e a tool that can be launched from the host machine, will
connect to a container on the host, or start up a docker image on the
hosts, scan the packages and report CVEs relevant to each package.

Thanks in advance,