Home Explore Blog CI



docker
3rd chunk of `content/manuals/scout/explore/image-details-view.md`
cee8d863e8282cb91137b3895c8b87c1256a5134d68c2a750000000100000964
1. Go to the repository page for an image where you have activated Docker Scout
   image analysis.
2. Open the **Tags** tab.
3. Select the tag that you want to view recommendations for.
4. Select the **View recommended base image fixes** button.

   This opens a window which gives you recommendations for you can improve the
   security of your image by using better base images. See
   [Recommendations for base image](#recommendations-for-base-image) for more
   details.

### Recommendations for current image

The recommendations for the current image view helps you determine whether the image
version that you're using is out of date. If the tag you're using is referencing an
old digest, the view shows a recommendation to update the tag by pulling the
latest version.

Select the **Pull new image** button to get the updated version. Check the
checkbox to remove the old version after pulling the latest.

### Recommendations for base image

The base image recommendations view contains two tabs for toggling between
different types of recommendations:

- **Refresh base image**
- **Change base image**

These base image recommendations are only actionable if you're the author of the
image you're inspecting. This is because changing the base image for an image
requires you to update the Dockerfile and re-build the image.

#### Refresh base image

This tab shows if the selected base image tag is the latest available version,
or if it's outdated.

If the base image tag used to build the current image isn't the latest, then the
delta between the two versions shows in this window. The delta information
includes:

- The tag name, and aliases, of the recommended (newer) version
- The age of the current base image version
- The age of the latest available version
- The number of CVEs affecting each version

At the bottom of the window, you also receive command snippets that you can 
run to re-build the image using the latest version.

#### Change base image

This tab shows different alternative tags that you can use, and outlines the
benefits and disadvantages of each tag version. Selecting the base image shows
recommended options for that tag.

For example, if the image you're inspecting is using an old version of `debian`
as a base image, it shows recommendations for newer and more secure versions
of `debian` to use. By providing more than one alternative to choose from, you
Title: Docker Scout: Recommendations for Current and Base Images
Summary
This section details Docker Scout's recommendations for improving image security. It covers how to view recommendations in Docker Hub. The 'Recommendations for current image' view advises updating to the latest image version if the current tag references an old digest. The 'Recommendations for base image' view, for image authors, includes 'Refresh base image' and 'Change base image' tabs. The 'Refresh base image' tab indicates if the current base image is outdated, providing details like tag names, age of versions, and CVE counts, along with command snippets for rebuilding the image. The 'Change base image' tab suggests alternative tags with their benefits and disadvantages, recommending newer and more secure base image versions.