The maintainers of https://curl.se/, the popular command-line tool and library for transferring data with URLs, will release curl 8.4.0 on October 11, 2023. The CVE IDs are: CVE-2023-38545: severity HIGH (affects both libcurl and the curl tool)
Docker Scout analyzes all local images by default, but to analyze images in remote repositories, you need to enable Docker Scout image analysis.
You can use the docker scout policy command to evaluate images against Docker Scout’s built-in policies on the command line, including the No vulnerable version of curl.
Figure 3: Docker Scout showing the results of running the Docker Scout command to evaluate a container image against the ‘No vulnerable version of curl’ policy.