Clair
Clair is an open-source static analysis tool for container security. It automatically detects vulnerabilities in container images by inspecting their layers for known security flaws affecting base operating systems, programming language packages (Java, Python, Go, JavaScript), and other dependencies, and it supports images built to both the OCI and Docker v2 specifications. The tool continuously monitors vulnerability databases from multiple sources, correlates findings with indexed container content, and provides webhook notifications when new vulnerabilities are discovered, enabling organizations to maintain secure container deployments and software supply chains.