
Add a blurb to SECURITY.md about CVE scanners

Tianon Gravi 2 years ago
Parent
Current commit
2933505517
1 changed file with 3 additions and 1 deletion
  1. SECURITY.md (+3 −1)

+ 3 - 1
SECURITY.md

@@ -1,6 +1,8 @@
 # Security Policy
 
-If you believe you have found a security vulnerability, please make every effort to report it to the appropriate maintainers responsibly so that it can be fixed discreetly (also known as "embargo").
+If you have run a CVE/security scanner on an image and that is why you are here, you should read [our "Why does my security scanner show that an image has CVEs?" FAQ entry](https://github.com/docker-library/faq#why-does-my-security-scanner-show-that-an-image-has-cves).
+
+If you believe you have found a net new security vulnerability, please make every effort to report it to the appropriate maintainers responsibly so that it can be fixed discreetly (also known as "embargo").
 
 When the issue relates to a specific image, please make an effort to (privately) contact the maintainers of that specific image.  Some maintainers publish/maintain a `SECRUITY.md` in their GitHub repository, for example, which can be a great place to find information about how to report an issue appropriately.
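Review bot: the unchanged context line at the end of this hunk still spells the file name as `SECRUITY.md`; since this commit already edits the paragraph directly above it, correcting that to `SECURITY.md` in the same change would save readers from searching for a file that does not exist. Separately, the new first paragraph only points scanner users to the FAQ, and the only signal that scanner-reported CVEs should not go through the embargo process is the "net new" qualifier added in the second paragraph; one explicit sentence after the FAQ link (e.g. "Findings from a scanner are not, by themselves, a new vulnerability report.") would make the intended routing unambiguous.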