Home Explore Blog Models CI



docker
4th chunk of `_vendor/github.com/docker/scout-cli/docs/scout_cves.md`
2b98792cedcd939a52f9d3f82fa3ba7e4e75b4a6ae8e0fc40000000100000fa0
| `--only-stage`         | `stringSlice` |            | Comma separated list of multi-stage Docker build stage names                                                                                                                                                                                                                                                                                          |
| `--only-unfixed`       |               |            | Filter to unfixed CVEs                                                                                                                                                                                                                                                                                                                                |
| `--only-vex-affected`  |               |            | Filter CVEs by VEX statements with status not affected                                                                                                                                                                                                                                                                                                |
| `--only-vuln-packages` |               |            | When used with --format=only-packages ignore packages with no vulnerabilities                                                                                                                                                                                                                                                                         |
| `--org`                | `string`      |            | Namespace of the Docker organization                                                                                                                                                                                                                                                                                                                  |
| `-o`, `--output`       | `string`      |            | Write the report to a file                                                                                                                                                                                                                                                                                                                            |
| `--platform`           | `string`      |            | Platform of image to analyze                                                                                                                                                                                                                                                                                                                          |
| `--ref`                | `string`      |            | Reference to use if the provided tarball contains multiple references.<br>Can only be used with archive                                                                                                                                                                                                                                               |
| `--vex-author`         | `stringSlice` |            | List of VEX statement authors to accept                                                                                                                                                                                                                                                                                                               |
| `--vex-location`       | `stringSlice` |            | File location of directory or file containing VEX statements                                                                                                                                                                                                                                                                                          |
Title: Docker Scout CVEs Command Options (Continued)
Summary
This section continues the description of options for the `docker scout cves` command. It details options to filter by Docker build stage names, unfixed CVEs, VEX 'not affected' statuses, and vulnerable packages. It also covers options for specifying the Docker organization, output file, image platform, tarball reference, VEX statement authors, and VEX statement file locations.