Unixcop published a tutorial about how to scan Docker container images for vulnerabilities with Trivy.
How to scan Docker Container Images for Vulnerabilities with Trivy
Trivy (tri pronounced like trigger, vy pronounced like envy) is a simple and comprehensive scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues. Trivy detects vulnerabilities of OS packages (Alpine, RHEL, CentOS, etc.) and language-specific packages (Bundler, Composer, npm, yarn, etc.).