admin/aquasecurity-trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2026-02-10 18:53:16 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
7ea9cb4f90af2cb2ce2b5ea71e436fa1f772ce49
aquasecurity-trivy/dev/docs/scanner/vulnerability/os/index.html

3458 lines
71 KiB
HTML
Raw Blame History

<!doctype html>
<html lang="en" class="no-js">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="description" content="A Simple and Comprehensive Vulnerability Scanner for Containers and other Artifacts, Suitable for CI">
<link rel="canonical" href="https://aquasecurity.github.io/trivy/dev/docs/scanner/vulnerability/os/">
<link rel="icon" href="../../../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.3.0, mkdocs-material-8.3.9">
<title>OS Packages - Trivy</title>
<link rel="stylesheet" href="../../../../assets/stylesheets/main.1d29e8d0.min.css">
<link rel="stylesheet" href="../../../../assets/stylesheets/palette.cbb835fc.min.css">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback">
<style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style>
<script>__md_scope=new URL("../../../..",location),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
</head>
<body dir="ltr" data-md-color-scheme="" data-md-color-primary="none" data-md-color-accent="none">
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
<label class="md-overlay" for="__drawer"></label>
<div data-md-component="skip">
<a href="#os-packages" class="md-skip">
Skip to content
</a>
</div>
<div data-md-component="announce">
</div>
<div data-md-component="outdated" hidden>
<aside class="md-banner md-banner--warning">
</aside>
</div>
<header class="md-header md-header--lifted" data-md-component="header">
<nav class="md-header__inner md-grid" aria-label="Header">
<a href="../../../.." title="Trivy" class="md-header__button md-logo" aria-label="Trivy" data-md-component="logo">
<img src="../../../../imgs/logo-white.svg" alt="logo">
</a>
<label class="md-header__button md-icon" for="__drawer">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2Z"/></svg>
</label>
<div class="md-header__title" data-md-component="header-title">
<div class="md-header__ellipsis">
<div class="md-header__topic">
<span class="md-ellipsis">
Trivy
</span>
</div>
<div class="md-header__topic" data-md-component="header-topic">
<span class="md-ellipsis">
OS Packages
</span>
</div>
</div>
</div>
<label class="md-header__button md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
</label>
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" name="search">
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
<label class="md-search__icon md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
</label>
<nav class="md-search__options" aria-label="Search">
<button type="reset" class="md-search__icon md-icon" aria-label="Clear" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg>
</button>
</nav>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" data-md-scrollfix>
<div class="md-search-result" data-md-component="search-result">
<div class="md-search-result__meta">
Initializing search
</div>
<ol class="md-search-result__list"></ol>
</div>
</div>
</div>
</div>
</div>
<div class="md-header__source">
<a href="https://github.com/aquasecurity/trivy" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.1.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
GitHub
</div>
</a>
</div>
</nav>
<nav class="md-tabs" aria-label="Tabs" data-md-component="tabs">
<div class="md-tabs__inner md-grid">
<ul class="md-tabs__list">
<li class="md-tabs__item">
<a href="../../../.." class="md-tabs__link">
Getting Started
</a>
</li>
<li class="md-tabs__item">
<a href="../../../../tutorials/overview/" class="md-tabs__link">
Tutorials
</a>
</li>
<li class="md-tabs__item">
<a href="../../../" class="md-tabs__link md-tabs__link--active">
Docs
</a>
</li>
<li class="md-tabs__item">
<a href="../../../../ecosystem/" class="md-tabs__link">
Ecosystem
</a>
</li>
<li class="md-tabs__item">
<a href="../../../../community/contribute/issue/" class="md-tabs__link">
Contributing
</a>
</li>
</ul>
</div>
</nav>
</header>
<div class="md-container" data-md-component="container">
<main class="md-main" data-md-component="main">
<div class="md-main__inner md-grid">
<div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--primary md-nav--lifted" aria-label="Navigation" data-md-level="0">
<label class="md-nav__title" for="__drawer">
<a href="../../../.." title="Trivy" class="md-nav__button md-logo" aria-label="Trivy" data-md-component="logo">
<img src="../../../../imgs/logo-white.svg" alt="logo">
</a>
Trivy
</label>
<div class="md-nav__source">
<a href="https://github.com/aquasecurity/trivy" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.1.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
GitHub
</div>
</a>
</div>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_1" type="checkbox" id="__nav_1" >
<label class="md-nav__link" for="__nav_1">
Getting Started
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Getting Started" data-md-level="1">
<label class="md-nav__title" for="__nav_1">
<span class="md-nav__icon md-icon"></span>
Getting Started
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../.." class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../../../getting-started/installation/" class="md-nav__link">
Installation
</a>
</li>
<li class="md-nav__item">
<a href="../../../../getting-started/faq/" class="md-nav__link">
FAQ
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_2" type="checkbox" id="__nav_2" >
<label class="md-nav__link" for="__nav_2">
Tutorials
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Tutorials" data-md-level="1">
<label class="md-nav__title" for="__nav_2">
<span class="md-nav__icon md-icon"></span>
Tutorials
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../tutorials/overview/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_2_2" type="checkbox" id="__nav_2_2" >
<label class="md-nav__link" for="__nav_2_2">
CI/CD
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="CI/CD" data-md-level="2">
<label class="md-nav__title" for="__nav_2_2">
<span class="md-nav__icon md-icon"></span>
CI/CD
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../tutorials/integrations/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../../../tutorials/integrations/github-actions/" class="md-nav__link">
GitHub Actions
</a>
</li>
<li class="md-nav__item">
<a href="../../../../tutorials/integrations/circleci/" class="md-nav__link">
CircleCI
</a>
</li>
<li class="md-nav__item">
<a href="../../../../tutorials/integrations/travis-ci/" class="md-nav__link">
Travis CI
</a>
</li>
<li class="md-nav__item">
<a href="../../../../tutorials/integrations/gitlab-ci/" class="md-nav__link">
GitLab CI
</a>
</li>
<li class="md-nav__item">
<a href="../../../../tutorials/integrations/bitbucket/" class="md-nav__link">
Bitbucket Pipelines
</a>
</li>
<li class="md-nav__item">
<a href="../../../../tutorials/integrations/aws-codepipeline/" class="md-nav__link">
AWS CodePipeline
</a>
</li>
<li class="md-nav__item">
<a href="../../../../tutorials/integrations/aws-security-hub/" class="md-nav__link">
AWS Security Hub
</a>
</li>
<li class="md-nav__item">
<a href="../../../../tutorials/integrations/azure-devops/" class="md-nav__link">
Azure
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_2_3" type="checkbox" id="__nav_2_3" >
<label class="md-nav__link" for="__nav_2_3">
Kubernetes
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Kubernetes" data-md-level="2">
<label class="md-nav__title" for="__nav_2_3">
<span class="md-nav__icon md-icon"></span>
Kubernetes
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../tutorials/kubernetes/cluster-scanning/" class="md-nav__link">
Cluster Scanning
</a>
</li>
<li class="md-nav__item">
<a href="../../../../tutorials/kubernetes/kyverno/" class="md-nav__link">
Kyverno
</a>
</li>
<li class="md-nav__item">
<a href="../../../../tutorials/kubernetes/gitops/" class="md-nav__link">
GitOps
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_2_4" type="checkbox" id="__nav_2_4" >
<label class="md-nav__link" for="__nav_2_4">
Signing
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Signing" data-md-level="2">
<label class="md-nav__title" for="__nav_2_4">
<span class="md-nav__icon md-icon"></span>
Signing
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../tutorials/signing/vuln-attestation/" class="md-nav__link">
Vulnerability Scan Record Attestation
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_2_5" type="checkbox" id="__nav_2_5" >
<label class="md-nav__link" for="__nav_2_5">
Shell
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Shell" data-md-level="2">
<label class="md-nav__title" for="__nav_2_5">
<span class="md-nav__icon md-icon"></span>
Shell
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../tutorials/shell/shell-completion/" class="md-nav__link">
Completion
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_2_6" type="checkbox" id="__nav_2_6" >
<label class="md-nav__link" for="__nav_2_6">
Additional Resources
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Additional Resources" data-md-level="2">
<label class="md-nav__title" for="__nav_2_6">
<span class="md-nav__icon md-icon"></span>
Additional Resources
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../tutorials/additional-resources/references/" class="md-nav__link">
Additional Resources
</a>
</li>
<li class="md-nav__item">
<a href="../../../../tutorials/additional-resources/community/" class="md-nav__link">
Community References
</a>
</li>
<li class="md-nav__item">
<a href="../../../../tutorials/additional-resources/cks/" class="md-nav__link">
CKS Reference
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3" type="checkbox" id="__nav_3" checked>
<label class="md-nav__link" for="__nav_3">
Docs
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Docs" data-md-level="1">
<label class="md-nav__title" for="__nav_3">
<span class="md-nav__icon md-icon"></span>
Docs
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_2" type="checkbox" id="__nav_3_2" >
<label class="md-nav__link" for="__nav_3_2">
Target
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Target" data-md-level="2">
<label class="md-nav__title" for="__nav_3_2">
<span class="md-nav__icon md-icon"></span>
Target
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../target/container_image/" class="md-nav__link">
Container Image
</a>
</li>
<li class="md-nav__item">
<a href="../../../target/filesystem/" class="md-nav__link">
Filesystem
</a>
</li>
<li class="md-nav__item">
<a href="../../../target/rootfs/" class="md-nav__link">
Rootfs
</a>
</li>
<li class="md-nav__item">
<a href="../../../target/git-repository/" class="md-nav__link">
Git Repository
</a>
</li>
<li class="md-nav__item">
<a href="../../../target/vm/" class="md-nav__link">
Virtual Machine Image
</a>
</li>
<li class="md-nav__item">
<a href="../../../target/kubernetes/" class="md-nav__link">
Kubernetes
</a>
</li>
<li class="md-nav__item">
<a href="../../../target/aws/" class="md-nav__link">
AWS
</a>
</li>
<li class="md-nav__item">
<a href="../../../target/sbom/" class="md-nav__link">
SBOM
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_3" type="checkbox" id="__nav_3_3" checked>
<label class="md-nav__link" for="__nav_3_3">
Scanner
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Scanner" data-md-level="2">
<label class="md-nav__title" for="__nav_3_3">
<span class="md-nav__icon md-icon"></span>
Scanner
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--active md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_3_1" type="checkbox" id="__nav_3_3_1" checked>
<label class="md-nav__link" for="__nav_3_3_1">
Vulnerability
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Vulnerability" data-md-level="3">
<label class="md-nav__title" for="__nav_3_3_1">
<span class="md-nav__icon md-icon"></span>
Vulnerability
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item md-nav__item--active">
<input class="md-nav__toggle md-toggle" data-md-toggle="toc" type="checkbox" id="__toc">
<label class="md-nav__link md-nav__link--active" for="__toc">
OS Packages
<span class="md-nav__icon md-icon"></span>
</label>
<a href="./" class="md-nav__link md-nav__link--active">
OS Packages
</a>
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#supported-os" class="md-nav__link">
Supported OS
</a>
</li>
<li class="md-nav__item">
<a href="#data-sources" class="md-nav__link">
Data Sources
</a>
<nav class="md-nav" aria-label="Data Sources">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#data-source-selection" class="md-nav__link">
Data source selection
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#distributions" class="md-nav__link">
Distributions
</a>
<nav class="md-nav" aria-label="Distributions">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#cbl-mariner" class="md-nav__link">
CBL-Mariner
</a>
<nav class="md-nav" aria-label="CBL-Mariner">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#support" class="md-nav__link">
Support
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#examples" class="md-nav__link">
Examples
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_3_1_3" type="checkbox" id="__nav_3_3_1_3" >
<label class="md-nav__link" for="__nav_3_3_1_3">
Language-specific Packages
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Language-specific Packages" data-md-level="4">
<label class="md-nav__title" for="__nav_3_3_1_3">
<span class="md-nav__icon md-icon"></span>
Language-specific Packages
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../language/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../language/golang/" class="md-nav__link">
Go
</a>
</li>
<li class="md-nav__item">
<a href="../language/java/" class="md-nav__link">
Java
</a>
</li>
<li class="md-nav__item">
<a href="../language/nodejs/" class="md-nav__link">
Node.js
</a>
</li>
<li class="md-nav__item">
<a href="../language/php/" class="md-nav__link">
PHP
</a>
</li>
<li class="md-nav__item">
<a href="../language/python/" class="md-nav__link">
Python
</a>
</li>
<li class="md-nav__item">
<a href="../language/rust/" class="md-nav__link">
Rust
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_3_2" type="checkbox" id="__nav_3_3_2" >
<label class="md-nav__link" for="__nav_3_3_2">
Misconfiguration
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Misconfiguration" data-md-level="3">
<label class="md-nav__title" for="__nav_3_3_2">
<span class="md-nav__icon md-icon"></span>
Misconfiguration
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../misconfiguration/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_3_2_2" type="checkbox" id="__nav_3_3_2_2" >
<label class="md-nav__link" for="__nav_3_3_2_2">
Policy
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Policy" data-md-level="4">
<label class="md-nav__title" for="__nav_3_3_2_2">
<span class="md-nav__icon md-icon"></span>
Policy
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../misconfiguration/policy/builtin/" class="md-nav__link">
Built-in Policies
</a>
</li>
<li class="md-nav__item">
<a href="../../misconfiguration/policy/exceptions/" class="md-nav__link">
Exceptions
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_3_2_3" type="checkbox" id="__nav_3_3_2_3" >
<label class="md-nav__link" for="__nav_3_3_2_3">
Custom Policies
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Custom Policies" data-md-level="4">
<label class="md-nav__title" for="__nav_3_3_2_3">
<span class="md-nav__icon md-icon"></span>
Custom Policies
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../misconfiguration/custom/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../misconfiguration/custom/data/" class="md-nav__link">
Data
</a>
</li>
<li class="md-nav__item">
<a href="../../misconfiguration/custom/combine/" class="md-nav__link">
Combine
</a>
</li>
<li class="md-nav__item">
<a href="../../misconfiguration/custom/selectors/" class="md-nav__link">
Selectors
</a>
</li>
<li class="md-nav__item">
<a href="../../misconfiguration/custom/schema/" class="md-nav__link">
Schemas
</a>
</li>
<li class="md-nav__item">
<a href="../../misconfiguration/custom/testing/" class="md-nav__link">
Testing
</a>
</li>
<li class="md-nav__item">
<a href="../../misconfiguration/custom/debug/" class="md-nav__link">
Debugging Policies
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../secret/" class="md-nav__link">
Secret
</a>
</li>
<li class="md-nav__item">
<a href="../../license/" class="md-nav__link">
License
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_4" type="checkbox" id="__nav_3_4" >
<label class="md-nav__link" for="__nav_3_4">
Configuration
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Configuration" data-md-level="2">
<label class="md-nav__title" for="__nav_3_4">
<span class="md-nav__icon md-icon"></span>
Configuration
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../configuration/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../../configuration/filtering/" class="md-nav__link">
Filtering
</a>
</li>
<li class="md-nav__item">
<a href="../../../configuration/skipping/" class="md-nav__link">
Skipping Files
</a>
</li>
<li class="md-nav__item">
<a href="../../../configuration/reporting/" class="md-nav__link">
Reporting
</a>
</li>
<li class="md-nav__item">
<a href="../../../configuration/cache/" class="md-nav__link">
Cache
</a>
</li>
<li class="md-nav__item">
<a href="../../../configuration/db/" class="md-nav__link">
DB
</a>
</li>
<li class="md-nav__item">
<a href="../../../configuration/others/" class="md-nav__link">
Others
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_5" type="checkbox" id="__nav_3_5" >
<label class="md-nav__link" for="__nav_3_5">
Supply Chain
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Supply Chain" data-md-level="2">
<label class="md-nav__title" for="__nav_3_5">
<span class="md-nav__icon md-icon"></span>
Supply Chain
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../supply-chain/sbom/" class="md-nav__link">
SBOM
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_5_2" type="checkbox" id="__nav_3_5_2" >
<label class="md-nav__link" for="__nav_3_5_2">
Attestation
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Attestation" data-md-level="3">
<label class="md-nav__title" for="__nav_3_5_2">
<span class="md-nav__icon md-icon"></span>
Attestation
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../supply-chain/attestation/sbom/" class="md-nav__link">
SBOM
</a>
</li>
<li class="md-nav__item">
<a href="../../../supply-chain/attestation/vuln/" class="md-nav__link">
Cosign Vulnerability Scan Record
</a>
</li>
<li class="md-nav__item">
<a href="../../../supply-chain/attestation/rekor/" class="md-nav__link">
SBOM Attestation in Rekor
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../../supply-chain/vex/" class="md-nav__link">
VEX
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_6" type="checkbox" id="__nav_3_6" >
<label class="md-nav__link" for="__nav_3_6">
Compliance
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Compliance" data-md-level="2">
<label class="md-nav__title" for="__nav_3_6">
<span class="md-nav__icon md-icon"></span>
Compliance
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../compliance/compliance/" class="md-nav__link">
Reports
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_7" type="checkbox" id="__nav_3_7" >
<label class="md-nav__link" for="__nav_3_7">
Advanced
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Advanced" data-md-level="2">
<label class="md-nav__title" for="__nav_3_7">
<span class="md-nav__icon md-icon"></span>
Advanced
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../advanced/modules/" class="md-nav__link">
Modules
</a>
</li>
<li class="md-nav__item">
<a href="../../../advanced/plugins/" class="md-nav__link">
Plugins
</a>
</li>
<li class="md-nav__item">
<a href="../../../advanced/air-gap/" class="md-nav__link">
Air-Gapped Environment
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_7_4" type="checkbox" id="__nav_3_7_4" >
<label class="md-nav__link" for="__nav_3_7_4">
Container Image
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Container Image" data-md-level="3">
<label class="md-nav__title" for="__nav_3_7_4">
<span class="md-nav__icon md-icon"></span>
Container Image
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../advanced/container/embed-in-dockerfile/" class="md-nav__link">
Embed in Dockerfile
</a>
</li>
<li class="md-nav__item">
<a href="../../../advanced/container/unpacked-filesystem/" class="md-nav__link">
Unpacked container image filesystem
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_7_4_3" type="checkbox" id="__nav_3_7_4_3" >
<label class="md-nav__link" for="__nav_3_7_4_3">
Private Docker Registries
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Private Docker Registries" data-md-level="4">
<label class="md-nav__title" for="__nav_3_7_4_3">
<span class="md-nav__icon md-icon"></span>
Private Docker Registries
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../advanced/private-registries/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../../advanced/private-registries/docker-hub/" class="md-nav__link">
Docker Hub
</a>
</li>
<li class="md-nav__item">
<a href="../../../advanced/private-registries/ecr/" class="md-nav__link">
AWS ECR (Elastic Container Registry)
</a>
</li>
<li class="md-nav__item">
<a href="../../../advanced/private-registries/gcr/" class="md-nav__link">
GCR (Google Container Registry)
</a>
</li>
<li class="md-nav__item">
<a href="../../../advanced/private-registries/acr/" class="md-nav__link">
ACR (Azure Container Registry)
</a>
</li>
<li class="md-nav__item">
<a href="../../../advanced/private-registries/self/" class="md-nav__link">
Self-Hosted
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_8" type="checkbox" id="__nav_3_8" >
<label class="md-nav__link" for="__nav_3_8">
References
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="References" data-md-level="2">
<label class="md-nav__title" for="__nav_3_8">
<span class="md-nav__icon md-icon"></span>
References
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_8_1" type="checkbox" id="__nav_3_8_1" >
<label class="md-nav__link" for="__nav_3_8_1">
Configuration
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Configuration" data-md-level="3">
<label class="md-nav__title" for="__nav_3_8_1">
<span class="md-nav__icon md-icon"></span>
Configuration
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_8_1_1" type="checkbox" id="__nav_3_8_1_1" >
<label class="md-nav__link" for="__nav_3_8_1_1">
CLI
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="CLI" data-md-level="4">
<label class="md-nav__title" for="__nav_3_8_1_1">
<span class="md-nav__icon md-icon"></span>
CLI
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_aws/" class="md-nav__link">
AWS
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_config/" class="md-nav__link">
Config
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_filesystem/" class="md-nav__link">
Filesystem
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_image/" class="md-nav__link">
Image
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_kubernetes/" class="md-nav__link">
Kubernetes
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_module/" class="md-nav__link">
Module
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_module_install/" class="md-nav__link">
Module Install
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_module_uninstall/" class="md-nav__link">
Module Uninstall
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_plugin/" class="md-nav__link">
Plugin
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_plugin_info/" class="md-nav__link">
Plugin Info
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_plugin_install/" class="md-nav__link">
Plugin Install
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_plugin_list/" class="md-nav__link">
Plugin List
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_plugin_run/" class="md-nav__link">
Plugin Run
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_plugin_uninstall/" class="md-nav__link">
Plugin Uninstall
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_plugin_update/" class="md-nav__link">
Plugin Update
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_repository/" class="md-nav__link">
Repository
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_rootfs/" class="md-nav__link">
Rootfs
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_sbom/" class="md-nav__link">
SBOM
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_server/" class="md-nav__link">
Server
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_version/" class="md-nav__link">
Version
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/cli/trivy_vm/" class="md-nav__link">
VM
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../../references/configuration/config-file/" class="md-nav__link">
Config file
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_8_2" type="checkbox" id="__nav_3_8_2" >
<label class="md-nav__link" for="__nav_3_8_2">
Modes
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Modes" data-md-level="3">
<label class="md-nav__title" for="__nav_3_8_2">
<span class="md-nav__icon md-icon"></span>
Modes
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../references/modes/standalone/" class="md-nav__link">
Standalone
</a>
</li>
<li class="md-nav__item">
<a href="../../../references/modes/client-server/" class="md-nav__link">
Client/Server
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../../references/troubleshooting/" class="md-nav__link">
Troubleshooting
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_4" type="checkbox" id="__nav_4" >
<label class="md-nav__link" for="__nav_4">
Ecosystem
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Ecosystem" data-md-level="1">
<label class="md-nav__title" for="__nav_4">
<span class="md-nav__icon md-icon"></span>
Ecosystem
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../ecosystem/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../../../ecosystem/cicd/" class="md-nav__link">
CI/CD
</a>
</li>
<li class="md-nav__item">
<a href="../../../../ecosystem/ide/" class="md-nav__link">
IDE and Dev tools
</a>
</li>
<li class="md-nav__item">
<a href="../../../../ecosystem/prod/" class="md-nav__link">
Production and Clouds
</a>
</li>
<li class="md-nav__item">
<a href="../../../../ecosystem/security/" class="md-nav__link">
Security Management
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_5" type="checkbox" id="__nav_5" >
<label class="md-nav__link" for="__nav_5">
Contributing
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Contributing" data-md-level="1">
<label class="md-nav__title" for="__nav_5">
<span class="md-nav__icon md-icon"></span>
Contributing
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_5_1" type="checkbox" id="__nav_5_1" >
<label class="md-nav__link" for="__nav_5_1">
How to contribute
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="How to contribute" data-md-level="2">
<label class="md-nav__title" for="__nav_5_1">
<span class="md-nav__icon md-icon"></span>
How to contribute
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../community/contribute/issue/" class="md-nav__link">
Issues
</a>
</li>
<li class="md-nav__item">
<a href="../../../../community/contribute/discussion/" class="md-nav__link">
Discussions
</a>
</li>
<li class="md-nav__item">
<a href="../../../../community/contribute/pr/" class="md-nav__link">
Pull Requests
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_5_2" type="checkbox" id="__nav_5_2" >
<label class="md-nav__link" for="__nav_5_2">
Maintainer
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Maintainer" data-md-level="2">
<label class="md-nav__title" for="__nav_5_2">
<span class="md-nav__icon md-icon"></span>
Maintainer
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../community/maintainer/help-wanted/" class="md-nav__link">
Help Wanted
</a>
</li>
<li class="md-nav__item">
<a href="../../../../community/maintainer/triage/" class="md-nav__link">
Triage
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#supported-os" class="md-nav__link">
Supported OS
</a>
</li>
<li class="md-nav__item">
<a href="#data-sources" class="md-nav__link">
Data Sources
</a>
<nav class="md-nav" aria-label="Data Sources">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#data-source-selection" class="md-nav__link">
Data source selection
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#distributions" class="md-nav__link">
Distributions
</a>
<nav class="md-nav" aria-label="Distributions">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#cbl-mariner" class="md-nav__link">
CBL-Mariner
</a>
<nav class="md-nav" aria-label="CBL-Mariner">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#support" class="md-nav__link">
Support
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#examples" class="md-nav__link">
Examples
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-content" data-md-component="content">
<article class="md-content__inner md-typeset">
<h1 id="os-packages">OS Packages</h1>
<p>Trivy is capable of automatically detecting installed OS packages when scanning container images, VM images and running hosts.
This page provides an overview of OS packages in the context of Trivy scans.</p>
<h2 id="supported-os">Supported OS</h2>
<p>The unfixed/unfixable vulnerabilities mean that the patch has not yet been provided on their distribution.
To hide unfixed/unfixable vulnerabilities, you can use the <code>--ignore-unfixed</code> flag.</p>
<p>Trivy doesn't support self-compiled packages/binaries, but official packages provided by vendors such as Red Hat and Debian.</p>
<table>
<thead>
<tr>
<th>OS</th>
<th>Supported Versions</th>
<th>Target Packages</th>
<th align="center">Detection of unfixed vulnerabilities</th>
</tr>
</thead>
<tbody>
<tr>
<td>Alpine Linux</td>
<td>2.2 - 2.7, 3.0 - 3.17, edge</td>
<td>Installed by apk</td>
<td align="center">NO</td>
</tr>
<tr>
<td>Wolfi Linux</td>
<td>(n/a)</td>
<td>Installed by apk</td>
<td align="center">NO</td>
</tr>
<tr>
<td>Chainguard</td>
<td>(n/a)</td>
<td>Installed by apk</td>
<td align="center">NO</td>
</tr>
<tr>
<td>Red Hat Universal Base Image<sup id="fnref:1"><a class="footnote-ref" href="#fn:1">1</a></sup></td>
<td>7, 8, 9</td>
<td>Installed by yum/rpm</td>
<td align="center">YES</td>
</tr>
<tr>
<td>Red Hat Enterprise Linux</td>
<td>6, 7, 8</td>
<td>Installed by yum/rpm</td>
<td align="center">YES</td>
</tr>
<tr>
<td>CentOS</td>
<td>6, 7, 8</td>
<td>Installed by yum/rpm</td>
<td align="center">YES</td>
</tr>
<tr>
<td>AlmaLinux</td>
<td>8, 9</td>
<td>Installed by yum/rpm</td>
<td align="center">NO</td>
</tr>
<tr>
<td>Rocky Linux</td>
<td>8, 9</td>
<td>Installed by yum/rpm</td>
<td align="center">NO</td>
</tr>
<tr>
<td>Oracle Linux</td>
<td>5, 6, 7, 8</td>
<td>Installed by yum/rpm</td>
<td align="center">NO</td>
</tr>
<tr>
<td>CBL-Mariner</td>
<td>1.0, 2.0</td>
<td>Installed by yum/rpm</td>
<td align="center">YES</td>
</tr>
<tr>
<td>Amazon Linux</td>
<td>1, 2, 2023</td>
<td>Installed by yum/rpm</td>
<td align="center">NO</td>
</tr>
<tr>
<td>openSUSE Leap</td>
<td>42, 15</td>
<td>Installed by zypper/rpm</td>
<td align="center">NO</td>
</tr>
<tr>
<td>SUSE Enterprise Linux</td>
<td>11, 12, 15</td>
<td>Installed by zypper/rpm</td>
<td align="center">NO</td>
</tr>
<tr>
<td>Photon OS</td>
<td>1.0, 2.0, 3.0, 4.0</td>
<td>Installed by tdnf/yum/rpm</td>
<td align="center">NO</td>
</tr>
<tr>
<td>Debian GNU/Linux</td>
<td>wheezy, jessie, stretch, buster, bullseye</td>
<td>Installed by apt/apt-get/dpkg</td>
<td align="center">YES</td>
</tr>
<tr>
<td>Ubuntu</td>
<td>All versions supported by Canonical</td>
<td>Installed by apt/apt-get/dpkg</td>
<td align="center">YES</td>
</tr>
<tr>
<td>Distroless<sup id="fnref:2"><a class="footnote-ref" href="#fn:2">2</a></sup></td>
<td>Any</td>
<td>Installed by apt/apt-get/dpkg</td>
<td align="center">YES</td>
</tr>
</tbody>
</table>
<h2 id="data-sources">Data Sources</h2>
<table>
<thead>
<tr>
<th>OS</th>
<th>Source</th>
</tr>
</thead>
<tbody>
<tr>
<td>Arch Linux</td>
<td><a href="https://security.archlinux.org/">Vulnerable Issues</a></td>
</tr>
<tr>
<td>Alpine Linux</td>
<td><a href="https://secdb.alpinelinux.org/">secdb</a></td>
</tr>
<tr>
<td>Wolfi Linux</td>
<td><a href="https://packages.wolfi.dev/os/security.json">secdb</a></td>
</tr>
<tr>
<td>Chainguard</td>
<td><a href="https://packages.cgr.dev/chainguard/security.json">secdb</a></td>
</tr>
<tr>
<td>Amazon Linux</td>
<td><a href="https://alas.aws.amazon.com/">Amazon Linux Security Center</a></td>
</tr>
<tr>
<td>Debian</td>
<td><a href="https://security-tracker.debian.org/tracker/">Security Bug Tracker</a></td>
</tr>
<tr>
<td></td>
<td><a href="https://www.debian.org/security/oval/">OVAL</a></td>
</tr>
<tr>
<td>Ubuntu</td>
<td><a href="https://ubuntu.com/security/cve">Ubuntu CVE Tracker</a></td>
</tr>
<tr>
<td>RHEL/CentOS</td>
<td><a href="https://www.redhat.com/security/data/oval/v2/">OVAL</a></td>
</tr>
<tr>
<td></td>
<td><a href="https://www.redhat.com/security/data/metrics/">Security Data</a></td>
</tr>
<tr>
<td>AlmaLinux</td>
<td><a href="https://errata.almalinux.org/">AlmaLinux Product Errata</a></td>
</tr>
<tr>
<td>Rocky Linux</td>
<td><a href="https://download.rockylinux.org/pub/rocky/">Rocky Linux UpdateInfo</a></td>
</tr>
<tr>
<td>Oracle Linux</td>
<td><a href="https://linux.oracle.com/security/oval/">OVAL</a></td>
</tr>
<tr>
<td>CBL-Mariner</td>
<td><a href="https://github.com/microsoft/CBL-MarinerVulnerabilityData/">OVAL</a></td>
</tr>
<tr>
<td>OpenSUSE/SLES</td>
<td><a href="http://ftp.suse.com/pub/projects/security/cvrf/">CVRF</a></td>
</tr>
<tr>
<td>Photon OS</td>
<td><a href="https://packages.vmware.com/photon/photon_cve_metadata/">Photon Security Advisory</a></td>
</tr>
</tbody>
</table>
<h3 id="data-source-selection">Data source selection</h3>
<p>Trivy <strong>only</strong> consumes security advisories from the sources listed in the above table.</p>
<p>As for packages installed from OS package managers (<code>dpkg</code>, <code>yum</code>, <code>apk</code>, etc.), Trivy uses the advisory database from the appropriate <strong>OS vendor</strong>.</p>
<p>For example: for a python package installed from <code>yum</code> (Amazon linux), Trivy will only get advisories from <a href="https://alas.aws.amazon.com/">ALAS</a>.
But for a python package installed from another source (e.g. <code>pip</code>), Trivy will get advisories from the <code>GitLab</code> and <code>GitHub</code> databases.</p>
<p>This advisory selection is essential to avoid getting false positives because OS vendors usually backport upstream fixes, and the fixed version can be different from the upstream fixed version.
The severity is from the selected data source.
If the data source does not provide severity, it falls back to <a href="https://nvd.nist.gov/">NVD</a>, and if NVD does not have severity, it will be UNKNOWN.</p>
<h2 id="distributions">Distributions</h2>
<h3 id="cbl-mariner">CBL-Mariner</h3>
<p>Trivy scans <a href="https://github.com/microsoft/CBL-Mariner">CBL-Mariner</a>.</p>
<h4 id="support">Support</h4>
<p>The following table provides an outline of the features Trivy offers.</p>
<table>
<thead>
<tr>
<th>Version</th>
<th align="center">Container image</th>
<th align="center">Virtual machine</th>
<th align="center">Distroless</th>
<th align="center">Multi-arch</th>
<th align="center">Unfixed support</th>
</tr>
</thead>
<tbody>
<tr>
<td>1.0</td>
<td align="center"></td>
<td align="center"></td>
<td align="center"></td>
<td align="center">amd64, arm64</td>
<td align="center"></td>
</tr>
<tr>
<td>2.0</td>
<td align="center"></td>
<td align="center"></td>
<td align="center"></td>
<td align="center">amd64, arm64</td>
<td align="center"></td>
</tr>
</tbody>
</table>
<h3 id="examples">Examples</h3>
<div class="tabbed-set tabbed-alternate" data-tabs="1:2"><input checked="checked" id="__tabbed_1_1" name="__tabbed_1" type="radio" /><input id="__tabbed_1_2" name="__tabbed_1" type="radio" /><div class="tabbed-labels"><label for="__tabbed_1_1">image</label><label for="__tabbed_1_2">rootfs</label></div>
<div class="tabbed-content">
<div class="tabbed-block">
<div class="highlight"><pre><span></span><code>➜ trivy image mcr.microsoft.com/cbl-mariner/base/core:2.0
2022-07-27T14:48:20.355+0600 INFO Detected OS: cbl-mariner
2022-07-27T14:48:20.355+0600 INFO Detecting CBL-Mariner vulnerabilities...
2022-07-27T14:48:20.356+0600 INFO Number of language-specific files: 0
mcr.microsoft.com/cbl-mariner/base/core:2.0 (cbl-mariner 2.0.20220527)
Total: 33 (UNKNOWN: 0, LOW: 0, MEDIUM: 15, HIGH: 13, CRITICAL: 5)
</code></pre></div>
</div>
<div class="tabbed-block">
<div class="highlight"><pre><span></span><code>➜ docker run -it --rm --entrypoint bin/bash mcr.microsoft.com/cbl-mariner/base/core:2.0
root [ / ]# tdnf -y install ca-certificates
root [ / ]# # Install the latest Trivy
root [ / ]# trivy rootfs /
2022-07-27T09:30:06.815Z INFO Need to update DB
2022-07-27T09:30:06.815Z INFO DB Repository: ghcr.io/aquasecurity/trivy-db
2022-07-27T09:30:06.815Z INFO Downloading DB...
33.25 MiB / 33.25 MiB [------------------------------] 100.00% 4.20 MiB p/s 8.1s
2022-07-27T09:30:21.756Z INFO Vulnerability scanning is enabled
2022-07-27T09:30:21.756Z INFO Secret scanning is enabled
2022-07-27T09:30:21.756Z INFO If your scanning is slow, please try &#39;--scanners vuln&#39; to disable secret scanning
2022-07-27T09:30:21.756Z INFO Please see also https://aquasecurity.github.io/trivy/v0.30.4/docs/secret/scanning/#recommendation for faster secret detection
2022-07-27T09:30:22.205Z INFO Detected OS: cbl-mariner
2022-07-27T09:30:22.205Z INFO Detecting CBL-Mariner vulnerabilities...
2022-07-27T09:30:22.205Z INFO Number of language-specific files: 0
40ba9a55397c (cbl-mariner 2.0.20220527)
=======================================
Total: 33 (UNKNOWN: 0, LOW: 0, MEDIUM: 15, HIGH: 13, CRITICAL: 5)
</code></pre></div>
</div>
</div>
</div>
<div class="footnote">
<hr />
<ol>
<li id="fn:1">
<p>https://developers.redhat.com/products/rhel/ubi&#160;<a class="footnote-backref" href="#fnref:1" title="Jump back to footnote 1 in the text">&#8617;</a></p>
</li>
<li id="fn:2">
<p>https://github.com/GoogleContainerTools/distroless&#160;<a class="footnote-backref" href="#fnref:2" title="Jump back to footnote 2 in the text">&#8617;</a></p>
</li>
</ol>
</div>
</article>
<script>var tabs=__md_get("__tabs");if(Array.isArray(tabs))e:for(var set of document.querySelectorAll(".tabbed-set")){var tab,labels=set.querySelector(".tabbed-labels");for(tab of tabs)for(var label of labels.getElementsByTagName("label"))if(label.innerText.trim()===tab){var input=document.getElementById(label.htmlFor);input.checked=!0;continue e}}</script>
</div>
</div>
</main>
<footer class="md-footer">
<nav class="md-footer__inner md-grid" aria-label="Footer" >
<a href="../" class="md-footer__link md-footer__link--prev" aria-label="Previous: Overview" rel="prev">
<div class="md-footer__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
</div>
<div class="md-footer__title">
<div class="md-ellipsis">
<span class="md-footer__direction">
Previous
</span>
Overview
</div>
</div>
</a>
<a href="../language/" class="md-footer__link md-footer__link--next" aria-label="Next: Overview" rel="next">
<div class="md-footer__title">
<div class="md-ellipsis">
<span class="md-footer__direction">
Next
</span>
Overview
</div>
</div>
<div class="md-footer__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M4 11v2h12l-5.5 5.5 1.42 1.42L19.84 12l-7.92-7.92L10.5 5.5 16 11H4Z"/></svg>
</div>
</a>
</nav>
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-copyright">
</div>
</div>
</div>
</footer>
</div>
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "../../../..", "features": ["navigation.tabs", "navigation.tabs.sticky", "navigation.sections", "content.tabs.link"], "search": "../../../../assets/javascripts/workers/search.b97dbffb.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "version": {"method": "mike", "provider": "mike"}}</script>
<script src="../../../../assets/javascripts/bundle.6c7ad80a.min.js"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink