grype
A vulnerability scanner for container images and filesystems
**What happened**: I am using `gitea/gitea:1.16.7` image in my application. Version from the binary within the Image is 1.16.7 as shown below ```shell ❯ docker run -it --entrypoint bash gitea/gitea:1.16.7...
**What happened**: json-formatted SBOM generated using syft on **Windows** produced an "unable to identify format" error when loaded into grype. ``` ./grype sbom:windows-sbom.json ✔ Vulnerability DB [updated] 1 error occurred:...
**What happened**: I have an Image that uses `ubuntu:focal-20230624` as base image that has Git installed via the system package manager apt-get. The installed version is 1:2.25.1-1ubuntu3.11. Grype reported that...
This has come up a couple of times in ad-hoc conversations so I wanted to try and get this in a ticket for more feedback. Today we have a project...
**What would you like to be added**: [Buildpacks](https://buildpacks.io/) is a CNCF project that can create secure and minimal images from source code. It currently has a well-spec'd way of attaching...
**What happened**: When following the example [here](https://github.com/anchore/grype?tab=readme-ov-file#vex-support) using the vex document specified, the vulnerability is rendered in the outputted report. This happens in any format. vex.json ```json { "@context": "https://openvex.dev/ns/v0.2.0",...
**What happened**: CVE found by trivy ``` ┌────────────────────────────────┬───────────────┬──────────┬────────┬───────────────────┬───────────────┬───────────────────────────────────────────────────────┐ │ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │ ├────────────────────────────────┼───────────────┼──────────┼────────┼───────────────────┼───────────────┼───────────────────────────────────────────────────────┤ │ github.com/opencontainers/runc │ CVE-2024-3154...
Following https://github.com/anchore/grype/pull/1397, this PR extends [VEX support for ignoring/adding matches based on Vulnerability Exploitability Exchange data](https://github.com/anchore/grype?tab=readme-ov-file#vex-support) so it also accepts [CSAF format](https://oasis-open.github.io/csaf-documentation/). The PR also refactors the `grype/vex` package since...
Hello, **What would you like to be added**: I would like to add Conan (C/C++ package manager) CVEs to Grype. **Why is this needed**: Syft supports Conan scanning. GITLAB Advisory...
This pull request closes #1624. It adds and enforces the ability to set a new property `abort-after` to `external` sources. As discussed in the issue, it supports both a global...