tldr/pages/common/trivy.md

# trivy

> Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues.
> More information: <https://aquasecurity.github.io/trivy>.

- Scan a Docker image for vulnerabilities and exposed secrets:

`trivy image {{image:tag}}`

- Scan a Docker image filtering the output by severity:

`trivy image --severity {{HIGH,CRITICAL}} {{alpine:3.15}}`

- Scan a Docker image ignoring any unfixed/unpatched vulnerabilities:

`trivy image --ignore-unfixed {{alpine:3.15}}`

- Scan the filesystem for vulnerabilities and misconfigurations:

`trivy fs --security-checks {{vuln,config}} {{path/to/project_directory}}`

- Scan a IaC (Terraform, CloudFormation, ARM, Helm and Dockerfile) directory for misconfigurations:

`trivy config {{path/to/iac_directory}}`

- Scan a local or remote Git repository for vulnerabilities:

`trivy repo {{path/to/local_repository_directory|remote_repository_URL}}`

- Scan a Git repository up to a specific commit hash:

`trivy repo --commit {{commit_hash}} {{repository}}`

- Generate output with a SARIF template:

`trivy image --format {{template}} --template {{"@sarif.tpl"}} -o {{path/to/report.sarif}} {{image:tag}}`
trivy: add page 2021-10-20 19:53:07 +01:00			`# trivy`

			`> Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues.`
trivy: edit page (#12405) * trivy: edit page * Update pages/common/trivy.md Co-authored-by: Juri Dispan <juri.dispan@posteo.net> * Update pages/common/trivy.md Co-authored-by: Juri Dispan <juri.dispan@posteo.net> * Update pages/common/trivy.md --------- Co-authored-by: Juri Dispan <juri.dispan@posteo.net> Co-authored-by: K.B.Dharun Krishna <kbdharunkrishna@gmail.com> 2024-03-02 06:29:34 +00:00			`> More information: <https://aquasecurity.github.io/trivy>.`
trivy: add page 2021-10-20 19:53:07 +01:00
trivy: edit page (#12405) * trivy: edit page * Update pages/common/trivy.md Co-authored-by: Juri Dispan <juri.dispan@posteo.net> * Update pages/common/trivy.md Co-authored-by: Juri Dispan <juri.dispan@posteo.net> * Update pages/common/trivy.md --------- Co-authored-by: Juri Dispan <juri.dispan@posteo.net> Co-authored-by: K.B.Dharun Krishna <kbdharunkrishna@gmail.com> 2024-03-02 06:29:34 +00:00			`- Scan a Docker image for vulnerabilities and exposed secrets:`
trivy: add page 2021-10-20 19:53:07 +01:00
			`trivy image {{image:tag}}`

trivy: edit page (#12405) * trivy: edit page * Update pages/common/trivy.md Co-authored-by: Juri Dispan <juri.dispan@posteo.net> * Update pages/common/trivy.md Co-authored-by: Juri Dispan <juri.dispan@posteo.net> * Update pages/common/trivy.md --------- Co-authored-by: Juri Dispan <juri.dispan@posteo.net> Co-authored-by: K.B.Dharun Krishna <kbdharunkrishna@gmail.com> 2024-03-02 06:29:34 +00:00			`- Scan a Docker image filtering the output by severity:`

			`trivy image --severity {{HIGH,CRITICAL}} {{alpine:3.15}}`

			`- Scan a Docker image ignoring any unfixed/unpatched vulnerabilities:`

			`trivy image --ignore-unfixed {{alpine:3.15}}`

trivy: add page 2021-10-20 19:53:07 +01:00			`- Scan the filesystem for vulnerabilities and misconfigurations:`

			`trivy fs --security-checks {{vuln,config}} {{path/to/project_directory}}`

trivy: edit page (#12405) * trivy: edit page * Update pages/common/trivy.md Co-authored-by: Juri Dispan <juri.dispan@posteo.net> * Update pages/common/trivy.md Co-authored-by: Juri Dispan <juri.dispan@posteo.net> * Update pages/common/trivy.md --------- Co-authored-by: Juri Dispan <juri.dispan@posteo.net> Co-authored-by: K.B.Dharun Krishna <kbdharunkrishna@gmail.com> 2024-03-02 06:29:34 +00:00			`- Scan a IaC (Terraform, CloudFormation, ARM, Helm and Dockerfile) directory for misconfigurations:`
trivy: add page 2021-10-20 19:53:07 +01:00
			`trivy config {{path/to/iac_directory}}`

trivy: edit page (#12405) * trivy: edit page * Update pages/common/trivy.md Co-authored-by: Juri Dispan <juri.dispan@posteo.net> * Update pages/common/trivy.md Co-authored-by: Juri Dispan <juri.dispan@posteo.net> * Update pages/common/trivy.md --------- Co-authored-by: Juri Dispan <juri.dispan@posteo.net> Co-authored-by: K.B.Dharun Krishna <kbdharunkrishna@gmail.com> 2024-03-02 06:29:34 +00:00			`- Scan a local or remote Git repository for vulnerabilities:`

			`trivy repo {{path/to/local_repository_directory\|remote_repository_URL}}`

			`- Scan a Git repository up to a specific commit hash:`

			`trivy repo --commit {{commit_hash}} {{repository}}`

trivy: add page 2021-10-20 19:53:07 +01:00			`- Generate output with a SARIF template:`

			`trivy image --format {{template}} --template {{"@sarif.tpl"}} -o {{path/to/report.sarif}} {{image:tag}}`