0

We are using Tesseract and Leptonica installed on an Unix system to meet some requirements. Since both were termed to be open source, we were subjected to scan both for open source vulnerabilities.

Repository details: https://github.com/tesseract-ocr/tesseract

How should I scan tesseract and Leptonica for open source vulnerabilities., any examples would be much appreciated.

Wolf
  • 116
  • 9
  • are you trying to scan it for **Open Source** vulnerabilities (code) or for the **Linux dependencies**? I assume the latter? If so have you tried with `Snyk`? I see the `Dockerfile` is scanned fine. If you want to scan the full image try to download the Snyk CLI and run `snyk container test [image-name]:tag` ? let me know what you see – Jonathan Gruber Jul 26 '23 at 11:55

0 Answers0