Fix: applying code review changes

Author: tanure

content/manuals/scout/images/image-details.png

@@ -84,30 +84,24 @@ Learn more about the `docker scout cves` command in the
 
 ## Step 4: Fix application vulnerabilities
 
-The fix suggested by Docker Scout is to update
-the underlying vulnerable express version to 4.17.3 or later.
+After the Docker Scout analysis, a high vulnerability CVE-2022-24999 was found, caused by an outdated version of the **express** package.
 
-1. Update the `package.json` file with the new package version.
+The version 4.17.3 of the express package fizes the vulnerabillity. Therefore, update the `package.json` file to the new version:
 
    ```diff
       "dependencies": {
    -    "express": "4.17.1"
    +    "express": "4.17.3"
       }
    ```
-   > [!TIP]
-   >
-   > The express package is constantly being updated and depending on when you are running this tutorial, other vulnerabilities with different levels of criticality may be listed. In order to follow this tutorial properly, it is suggested that all vulnerabilities are fixed.
-   > In general, it will only be necessary to modify the version of the `express` package to the most current version.
-
-2. Rebuild the image with a new tag and push it to your Docker Hub repository:
+   
+Rebuild the image with a new tag and push it to your Docker Hub repository:
 
    ```console
    $ docker build --push -t <ORG_NAME>/scout-demo:v2 .
    ```
 
-Now, viewing the latest tag of the image in Docker Desktop, the Docker Scout
-Dashboard, or CLI, you can see that you have fixed the vulnerability.
+Run the **docker scout** command again and verify that HIGH CVE-2022-24999 is no longer present:
 
 ```console
 $ docker scout cves --only-package express
@@ -158,7 +152,7 @@ $ docker scout config organization <ORG_NAME>
 
 Now you can run the `quickview` command to get an overview
 of the compliance status for the image you just built.
-The image is evaluated against the default policy configurations.
+The image is evaluated against the default policy configurations. You'll see output similar to the following:
 
 ```console
 $ docker scout quickview
@@ -176,10 +170,6 @@ Policy status  FAILED  (2/6 policies met, 2 missing data)
   ?      │ Supply chain attestations                    │    No data
 ```
 
-> [!NOTE]
-> 
-> The report shown by the `docker scout quickview` command, run on your local machine, may be different from the one shown in the example above.
-
 Exclamation marks in the status column indicate a violated policy.
 Question marks indicate that there isn't enough metadata to complete the evaluation.
 A check mark indicates compliance.
@@ -217,7 +207,7 @@ The classic image store doesn't support manifest lists,
 which is how the provenance attestations are attached to an image.
 
 Open **Settings** in Docker Desktop. Under the **General** section, make sure
-that the **Use containerd for pulling and storing images** option is checked, then click the `Apply & Restart` button to apply the changes.
+that the **Use containerd for pulling and storing images** option is checked, then select **Apply & Restart**.
 Note that changing image stores temporarily hides images and containers of the
 inactive image store until you switch back.
 
@@ -239,9 +229,7 @@ results through a different lens: the Docker Scout Dashboard.
 
 The images page lists your Scout-enabled repositories.
 
-Select the docker image you want to analyze and click the button shown in the image below to display the **Image details** sidebar.
-
-![View Image Details](./images/image-details.png)
+Select the row for the image you want to view, anywhere in the row except on a link, to open the **Image details** sidebar.
 
 The sidebar shows a compliance overview for the last pushed tag of a repository.
 
@@ -251,16 +239,14 @@ The sidebar shows a compliance overview for the last pushed tag of a repository.
 > It might take a few minutes before the results appear if this is your
 > first time using the Docker Scout Dashboard.
 
-Go back to the image list and click on the image version, available in the **Most recent image** column.
-Then, at the top right of the page, click on the **Update base image** button to inspect the policy.
-
-![Policy Inspect](./images/policy-inspect.png)
+Go back to the image list and select the image version, available in the **Most recent image** column.
+Then, at the top right of the page, select the **Update base image** button to inspect the policy.
 
 This policy checks whether base images you use are up-to-date.
 It currently has a non-compliant status,
 because the example image uses an old version `alpine` as a base image.
 
-Close the **Recommended fixes for base image** popup. In the policy listing, click the **View fixes** button, next to the policy name for details about the violation, and recommendations on how to address it.
+Close the **Recommended fixes for base image** modal. In the policy listing, select **View fixes** button, next to the policy name for details about the violation, and recommendations on how to address it.
 
 In this case, the recommended action is to enable
 [Docker Scout's GitHub integration](./integrations/source-code-management/github.md),