CVE Scanning and Guided Remediation with OSV Scanner

Figure 1. OSV Scanner Security is a critical aspect of software development, and staying ahead of vulnerabilities is essential for us application developers. Google’s OSV Scanner is a powerful tool that helps detect vulnerabilities in open-source dependencies. This article will guide us through setting up and using OSV Scanner to secure our projects, scan for invalid licenses, scan OCI images and finally how to fix findings via guided remediation. ...

March 28, 2025 · 8 min · 1577 words · Micha Kops

Docker Snippets

Inspect Docker Image with dive Install dive brew install dive Now we can run dive against any Docker image we wish to inspect…​ Run dive dive confluentinc/cp-kafka:5.4.3 Figure 1. Screenshot of dive analyzing the Kafka Docker image Resources: dive on GitHub Introspect Private Docker Registry List images: curl -s https://the-registry-url/v2/_catalog Get tags for an image curl -s https://the-registry-url/v2/the-image-name/tags/list An example: curl -s https://registry.local/v2/alpine/rabbitmq/tags/list {"name":"alpine/rabbitmq","tags":["3.9.17"]} Run Trivy Scan for Docker Image docker run aquasec/trivy image IMAGE:TAG ...

March 1, 2010 · 2 min · 258 words · Micha Kops