You might be using a docker file with an instruction apk upgrade
What it actually does is, it will upgrade all the OS packages to the latest version thereby not showing any vulnerabilities. Please be advised that apk upgrade
may have consequences in scanning reports.
One such instance of a dockerfile is as mentioned :
FROM node:12-alpine RUN mkdir -p /usr/src/logs RUN apk upgrade