anchore/grype
使用:
./grype emqx/emqx
结果如下:
点击(此处)折叠或打开
- [root@k8s01 ~]# ./grype emqx/emqx
- ? Vulnerability DB [updated]
- ? Pulled image
- ? Loaded image emqx/emqx:latest
- ? Parsed image sha256:0ef9bc19d70ec1e5d1a32ac2aa57eb2f1057e19c3f7bccb3c37b300b57480560
- ? Cataloged contents 06fcaf955f399828221cf2ff879aa4e831ef9c6464d6d16a0337cc45e2028db1
- ├── ? Packages [26 packages]
- ├── ? File digests [312 files]
- ├── ? File metadata [312 locations]
- └── ? Executables [97 executables]
- ? Scanned for vulnerabilities [92 vulnerability matches]
- ├── by severity: 10 critical, 35 high, 41 medium, 2 low, 0 negligible (7 unknown)
- └── by status: 15 fixed, 80 not-fixed, 0 ignored
- NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY
- busybox 1.31.1-r21 apk CVE-2022-48174 Critical
- busybox 1.31.1-r21 1.31.1-r22 apk CVE-2022-28391 High
- curl 7.79.1-r0 apk CVE-2023-23914 Critical
- curl 7.79.1-r0 apk CVE-2022-32221 Critical
- curl 7.79.1-r0 apk CVE-2022-32207 Critical
- curl 7.79.1-r0 apk CVE-2023-28319 High
- curl 7.79.1-r0 apk CVE-2023-27534 High
- curl 7.79.1-r0 apk CVE-2023-27533 High
- curl 7.79.1-r0 apk CVE-2022-43551 High
- curl 7.79.1-r0 apk CVE-2022-42916 High
- curl 7.79.1-r0 apk CVE-2022-42915 High
- curl 7.79.1-r0 apk CVE-2022-27782 High
- curl 7.79.1-r0 apk CVE-2022-27781 High
- curl 7.79.1-r0 7.79.1-r1 apk CVE-2022-27775 High
- curl 7.79.1-r0 7.79.1-r1 apk CVE-2022-22576 High
- curl 7.79.1-r0 apk CVE-2023-46218 Medium
- curl 7.79.1-r0 apk CVE-2023-28321 Medium
