Hide Forgot
The dashboard card from the security operator plugin doesn't make it clear that it only scans images from quay. This could give users a false sense of security when it says there are no vulnerabilities. It's possible containers running images from other registries are vulnerable. We should add a statement in the UI that only images from quay are scanned.
This is not release blocking. Moving to low severity.
Status text: Quay Image Security Popover title: Quay Image Security breakdown (Breakdown can be dropped if too long.) Popover description: Container images from quay are analyzed to identify vulnerabilities. Images from other registries will not be scanned.
Created attachment 1645423 [details] dashboard
The text show images scaned from quay 4.4.0-0.nightly-2019-12-15-184910
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:0581