aquasecurity.github.io
2606:50c0:8002::153  Public Scan

Submitted URL: https://aquasecurity.github.io/trivy/v0.17.0/
Effective URL: https://aquasecurity.github.io/trivy/v0.17.2/
Submission: On April 15 via manual from US — Scanned from DE

Text Content

WELCOME TO TRIVY

A Simple and Comprehensive Vulnerability Scanner for Containers and other
Artifacts, Suitable for CI.


ABSTRACT

Trivy (tri pronounced like trigger, vy pronounced like envy) is a simple and
comprehensive vulnerability scanner for containers and other artifacts. A
software vulnerability is a glitch, flaw, or weakness present in the software or
in an Operating System. Trivy detects vulnerabilities of OS packages (Alpine,
RHEL, CentOS, etc.) and application dependencies (Bundler, Composer, npm, yarn,
etc.). Trivy is easy to use. Just install the binary and you're ready to scan.
All you need to do for scanning is to specify a target such as an image name of
the container.



Trivy can be run in two different modes:

 * Standalone
 * Client/Server

Trivy can scan three different artifacts:

 * Container Images
 * Filesystem
 * Git Repositories



Trivy is designed to be used in CI. Before pushing to a container registry or
deploying your application, you can easily scan your local container image and
other artifacts. See here for details.


FEATURES

 * Comprehensive vulnerability detection
   * OS packages (Alpine, Red Hat Universal Base Image, Red Hat Enterprise
     Linux, CentOS, Oracle Linux, Debian, Ubuntu, Amazon Linux, openSUSE Leap,
     SUSE Enterprise Linux, Photon OS and Distroless)
   * Application dependencies (Bundler, Composer, Pipenv, Poetry, npm, yarn,
     Cargo, NuGet, Maven, and Go)
 * Simple
   * Specify only an image name or artifact name
   * See Quick Start and Examples
 * Fast
   * The first scan will finish within 10 seconds (depending on your network).
     Subsequent scans will finish in single seconds.
   * Unlike other scanners that take long to fetch vulnerability information
     (~10 minutes) on the first run, and encourage you to maintain a durable
     vulnerability database, Trivy is stateless and requires no maintenance or
     preparation.
 * Easy installation
   * apt-get install, yum install and brew install are possible (See
     Installation)
   * No pre-requisites such as installation of DB, libraries, etc.
 * High accuracy
   * Especially for Alpine Linux and RHEL/CentOS
   * Accuracy for other OSes is also high
 * DevSecOps
   * Suitable for CI such as Travis CI, CircleCI, Jenkins, GitLab CI, etc.
   * See CI Example
 * Support multiple formats
   * container image
     * A local image in Docker Engine which is running as a daemon
     * A local image in Podman (>=2.0) which is exposing a socket
     * A remote image in Docker Registry such as Docker Hub, ECR, GCR and ACR
     * A tar archive in the docker save / podman save format
     * An image directory compliant with OCI Image Format
   * local filesystem
   * remote git repository

Please see LICENSE for Trivy licensing information.

Note

Trivy uses vulnerability information from a variety of sources, some of which
are licensed for non-commercial use only.
