Discernment and Enumeration of Security Vulnerabilities Present in Docker Images
Journal: GRENZE International Journal of Engineering and Technology
Authors: Shraddha Chopra, Sreedevi A. G, Udhayakumar Shanmugam
Volume: 10
Issue: 2
Grenze ID: 01.GIJET.10.2.531_2
Pages: 754-760
Abstract
Docker containers have emerged as pivotal in the packaging, distribution and
deployment of applications, ushering in a new era of flexibility and scalability across diverse
computing environments. Consequently, this widespread integration has led to formidable
challenges in the security domain, primarily concerning the detection and
remediation of vulnerabilities inherently present within Docker images. This study presents
an automated pipeline for Docker image analysis, focusing on vulnerability detection and
severity assessment. Employing a methodical research framework, the study undertakes a
systematic scrutiny of Docker images drawn from the most comprehensive source,
Docker Hub. The images are then examined using a blend of manual inspection and automated
vulnerability scanning methodologies, aiming to enhance the security posture by identifying and
categorizing vulnerabilities based on severity, and to provide insights into the image
composition. The threats are then cross-referenced with the Common Vulnerabilities and
Exposures (CVE) database to ascertain their presence in known security advisories and to
facilitate accurate risk assessment and mitigation strategies.