---
title: Docker Scout CLI release notes
linkTitle: CLI release notes
description: Learn about the latest features of the Docker Scout CLI plugin
keywords: docker scout, release notes, changelog, cli, features, changes, delta, new, releases, github actions
---
This page contains information about the new features, improvements, known
issues, and bug fixes in the Docker Scout [CLI plugin](https://github.com/docker/scout-cli/)
and the `docker/scout-action` [GitHub Action](https://github.com/docker/scout-action).
## 1.15.0
{{< release-date date="2024-10-31" >}}
### New
- New `--format=cyclonedx` flag for the `docker scout sbom` to output the SBOM in CycloneDX format.
### Enhancements
- Use high-to-low sort order for CVE summary.
- Support for enabling and disabling repositories that enabled by `docker scout push` or `docker scout watch`.
### Bug fixes
- Improve messaging when analyzing `oci` directories without attestations.
Only single-platform images and multi-platform image _with attestations_ are supported.
Multi-platform images without attestations are not supported.
- Improve classifiers and SBOM indexer:
- Add classifier for Liquibase `lpm`.
- Add Rakudo Star/MoarVM binary classifier.
- Add binary classifiers for silverpeas utilities.
- Improve reading and caching of attestations with the containerd image store.
## 1.14.0
{{< release-date date="2024-09-24" >}}
### New
- Add suppression information at the CVE level in the `docker scout cves` command.
### Bug fixes
- Fix listing CVEs for dangling images, for example: `local://sha256:...`
- Fix panic when analysing a file system input, for instance with `docker scout cves fs://.`
## 1.13.0
{{< release-date date="2024-08-05" >}}
### New
- Add `--only-policy` filter option to the `docker scout quickview`, `docker scout policy` and `docker scout compare` commands.
- Add `--ignore-suppressed` filter option to `docker scout cves` and `docker scout quickview` commands to filter out CVEs affected by [exceptions](/scout/explore/exceptions/).
### Bug fixes and enhancements
- Use conditional policy name in checks.
- Add support for detecting the version of a Go project set using linker flags,
for example:
```console
$ go build -ldflags "-X main.Version=1.2.3"
```
## 1.12.0
{{< release-date date="2024-07-31" >}}
### New
- Only display vulnerabilities from the base image:
```console {title="CLI"}
$ docker scout cves --only-base IMAGE
```
```yaml {title="GitHub Action"}
uses: docker/scout-action@v1
with:
command: cves
image: [IMAGE]
only-base: true
```
- Account for VEX in `quickview` command.
```console {title="CLI"}
$ docker scout quickview IMAGE --only-vex-affected --vex-location ./path/to/my.vex.json
```
```yaml {title="GitHub Action"}
uses: docker/scout-action@v1
with:
command: quickview
image: [IMAGE]
only-vex-affected: true
vex-location: ./path/to/my.vex.json
```
- Account for VEX in `cves` command (GitHub Actions).
```yaml {title="GitHub Action"}
uses: docker/scout-action@v1
with:
command: cves
image: [IMAGE]
only-vex-affected: true
vex-location: ./path/to/my.vex.json
```
### Bug fixes and enhancements
- Update `github.com/docker/docker` to `v26.1.5+incompatible` to fix CVE-2024-41110.
- Update Syft to 1.10.0.
## 1.11.0
{{< release-date date="2024-07-25" >}}
### New
- Filter CVEs listed in the CISA Known Exploited Vulnerabilities catalog.
```console {title="CLI"}
$ docker scout cves [IMAGE] --only-cisa-kev
... (cropped output) ...
## Packages and Vulnerabilities
0C 1H 0M 0L io.netty/netty-codec-http2 4.1.97.Final
pkg:maven/io.netty/netty-codec-http2@4.1.97.Final
✗ HIGH CVE-2023-44487 CISA KEV [OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities]
https://scout.docker.com/v/CVE-2023-44487
Affected range : <4.1.100
Fixed version : 4.1.100.Final
CVSS Score : 7.5
CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H