vulnerabilities

Use Grype to scan your container images, directories, or archives for known vulnerabilities.

Explore the different scan targets Grype supports including container images, directories, SBOMs, and individual packages

Learn how Grype selects vulnerability data for different package types and what level of accuracy to expect

Learn how to read and interpret Grype’s vulnerability scan output, including match types, confidence levels, and result reliability

Understand how Grype detects packages from end-of-life Linux distributions and why vulnerability data may be incomplete

Learn how to work with Grype’s native JSON format

Control which vulnerabilities Grype reports using filtering flags, configuration rules, and VEX documents

Using the Grype Vulnerability Database

Tag: vulnerabilities