grype
A vulnerability scanner for container images and filesystems
**What happened**: Running on a container that has Python certifi installed, I get the following. certifi 2022.12.7 2023.7.22 python GHSA-xqr8-7jwr-rhp7 High **What you expected to happen**: According to SUSE Advisory...
**What happened**: Related to bug reported in https://github.com/anchore/grype/issues/1370, `quay.io/calico/kube-controllers:v3.20.0` image does not have Go compiler but only contains a binary that was compiled with the Go compiler and statically linked...
**What would you like to be added**: In the default output format, for image scans (or really, any scan of a target that contains multiple files), when reporting a vulnerability...
**What would you like to be added**: Add a TUI element when using an SBOM source (or package urls/etc.) that indicates how many packages were read. **Why is this needed**:...
It seems that grype is not behaving as syft does when passing individual files that are not sboms: ``` ❯ syft -o json conan.lock > /tmp/sbom ✔ Indexed file system...
**What happened**: Docs list supported Cyclonedx Spec as 1.4 > - `cyclonedx`: An XML report conforming to the [CycloneDX 1.4 specification](https://cyclonedx.org/specification/overview/). > - `cyclonedx-json`: A JSON report conforming to the...
**What happened**: ``` > grype -o cyclonedx-json python:3.12.2-slim > test-grype.json > check-jsonschema --schemafile ./schema/bom-1.5.schema.json test-grype.json Schema validation errors were encountered. test-grype.json::$.metadata.properties: None is not of type 'array' ``` **What you...
**What would you like to be added**: Clear feedback that a package will _never match anything_ Grype knows about. **Why is this needed**: A user can identify potential security issues...
**What happened**: Running grype on a container that has an openssl file, the tool reports many CVEs on it. NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY openssl 1.1.1 binary CVE-2022-2068 Critical openssl 1.1.1...
**What happened**: When scanning a wildfly (26.1.3.Final) container which has the xalan custom fork 2.7.1.jbossorg-6, the following vulnerabilities are reported. NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY xalan 2.7.1.jbossorg-6 2.7.2 java-archive GHSA-rc2w-r4jq-7pfx...