evs is CLI Tool for scainng AWS ECR Vulnerabilities.
go install github.com/jedipunkz/evs- go 1.18 or later
$ evs scan --image testimage:latest --region ap-northeast-1
+----------------+--------+
| SEVERITY LEVEL | COUNTS |
+----------------+--------+
| MEDIUM | 2 |
| LOW | 12 |
| INFORMATIONAL | 4 |
+----------------+--------+$ evs list --image testimage:latest --region ap-northeast-1
+------------------+---------------+----------------------------------------------------------------+---------------------------------+
| CVE NAME | SEVERITY | URI | DESCRIPTION |
+------------------+---------------+----------------------------------------------------------------+---------------------------------+
| CVE-2021-20305 | MEDIUM | http://people.ubuntu.com/~ubuntu-security/cve/CVE-2021-20305 | A flaw was found in Nettle |
| | | | in versions before 3.7.2, |
| | | | where several Nettle signature |
| | | | verification functions |
| | | | (GOST DSA, EDDSA & ECDSA) |
<snip>
Tomokazu HIRAI (@jedipunkz)
The source code is licensed MIT. The website content is licensed CC BY 4.0,see LICENSE.