For vulnerability-related policies, the policy details view displays the fix
version that removes the vulnerability, when a fix version is available. To fix
the issue, upgrade the package version to the fix version.
For licensing-related policies, the list shows all packages whose license
doesn't meet the policy criteria. To fix the issue, find a way to remove the
dependency to the violating package, for example by looking for an alternative
package distributed under a more appropriate license.
## CLI
To view policy status for an image from the CLI, use the `docker scout policy`
command.
```console
$ docker scout policy \
--org dockerscoutpolicy \
--platform linux/amd64 \
dockerscoutpolicy/email-api-service:0.0.2
✓ Pulled
✓ Policy evaluation results found
## Overview
│ Analyzed Image
─────────────┼──────────────────────────────────────────────
Target │ dockerscoutpolicy/email-api-service:0.0.2
digest │ 17b1fde0329c
platform │ linux/amd64
## Policies
Policy status FAILED (2/8 policies met, 3 missing data)
Status │ Policy │ Results
─────────┼─────────────────────────────────────────────────────┼──────────────────────────────
✓ │ No copyleft licenses │ 0 packages
! │ Default non-root user │
! │ No fixable critical or high vulnerabilities │ 2C 1H 0M 0L
✓ │ No high-profile vulnerabilities │ 0C 0H 0M 0L
? │ No outdated base images │ No data
│ │ Learn more ↗
? │ SonarQube quality gates passed │ No data
│ │ Learn more ↗
! │ Supply chain attestations │ 2 deviations
? │ No unapproved base images │ No data
...
```
For more information about the command, refer to the [CLI
reference](/reference/cli/docker/scout/policy.md).