This release introduces initial support for **Exceptions** in the Docker Scout
Dashboard. Exceptions let you suppress vulnerabilities found in your images
(false positives), using VEX documents. Attach VEX documents to images as
attestations, or embed them on image filesystems, and Docker Scout will
automatically detect and incorporate the VEX statements into the image analysis
results.

The new [Exceptions page](https://scout.docker.com/reports/vex/) lists all
exceptions affecting images in your organization. You can also go to the image
view in the Docker Scout Dashboard to see all exceptions that apply to a given
image.

For more information, see [Manage vulnerability exceptions](/manuals/scout/explore/exceptions.md).

### 2024-05-06

New HTTP endpoint that lets you scrape data from Docker Scout with Prometheus,
to create your own vulnerability and policy dashboards with Grafana.
For more information, see [Docker Scout metrics exporter](/manuals/scout/explore/metrics-exporter.md).

## Q1 2024

New features and enhancements released in the first quarter of 2024.

### 2024-03-29

The **No high-profile vulnerabilities** policy now reports the `xz` backdoor
vulnerability [CVE-2024-3094](https://scout.docker.com/v/CVE-2024-3094). Any
images in your Docker organization containing the version of `xz/liblzma` with
the backdoor will be non-compliant with the **No high-profile vulnerabilities**
policy.

### 2024-03-20

The **No fixable critical or high vulnerabilities** policy now supports a
**Fixable vulnerabilities only** configuration option, which lets you decide
whether or not to only flag vulnerabilities with an available fix version.

### 2024-03-14

The **All critical vulnerabilities** policy has been removed.
The **No fixable critical or high vulnerabilities** policy provides similar functionality,
and will be updated in the future to allow for more extensive customization,
making the now-removed **All critical vulnerabilities** policy redundant.

### 2024-01-26

**Azure Container Registry** integration graduated from
[Early Access](../../release-lifecycle.md#early-access-ea) to
[General Availability](../../release-lifecycle.md#genera-availability-ga).

For more information and setup instructions, see
[Integrate Azure Container Registry](../integrations/registry/acr.md).

### 2024-01-23

New **Approved Base Images** policy, which lets you restrict which base
images you allow in your builds. You define the allowed base images using a
pattern. Base images whose image reference don't match the specified patterns
cause the policy to fail.

### 2024-01-12

New **Default non-root user** policy, which flags images that would run as the
`root` superuser with full system administration privileges by default.
Specifying a non-root default user for your images can help strengthen your
runtime security.

### 2024-01-11

[Beta](../../release-lifecycle.md#beta) launch of a new GitHub app for integrating
Docker Scout with your source code management, and a remediation feature for
helping you improve policy compliance.

Remediation is a new capability for Docker Scout to provide contextual,
recommended actions based on policy evaluation results on how you can improve
compliance.

The GitHub integration enhances the remediation feature. With the integration
enabled, Docker Scout is able to connect analysis results to the source. This
additional context about how your images are built is used to generate better,
more precise recommendations.

For more information about the types of recommendations that Docker Scout can
provide to help you improve policy compliance, see
[Remediation](../policy/remediation.md).

For more information about how to authorize the Docker Scout GitHub app on your
source repositories, see
[Integrate Docker Scout with GitHub](../integrations/source-code-management/github.md).

## Q4 2023

New features and enhancements released in the fourth quarter of 2023.

### 2023-12-20

**Azure Container Registry** integration graduated from