Grype: Vulnerability Scanner for Container Images and Filesystems

Grype is a vulnerability scanner for container images and filesystems. It works with Syft, a powerful SBOM (software bill of materials) tool for container images and filesystems.



  • Scan the contents of a container image or filesystem to find known vulnerabilities.
  • Find vulnerabilities in packages of the following major operating systems:
    • Alpine
    • Amazon Linux
    • BusyBox
    • CentOS
    • Debian
    • Distroless
    • Oracle Linux
    • Red Hat (RHEL)
    • Ubuntu
  • Find vulnerabilities in language-specific packages:
    • Ruby (Gems)
    • Java (JAR, WAR, EAR, JPI, HPI)
    • JavaScript (NPM, Yarn)
    • Python (Egg, Wheel, Poetry, requirements.txt files)
  • Supports Docker and OCI image formats


Recommended (macOS and Linux)

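# install the latest version to /usr/local/bin
# (<INSTALL_SCRIPT_URL> stands for the URL of the project's install script)
curl -sSfL <INSTALL_SCRIPT_URL> | sh -s -- -b /usr/local/bin

# install a specific version to a specific directory
curl -sSfL <INSTALL_SCRIPT_URL> | sh -s -- -b <SOME_BIN_PATH> <RELEASE_VERSION>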

Homebrew (macOS)

brew tap anchore/grype
brew install grype

Program configuration

  • .grype.yaml
  • .grype/config.yaml
  • ~/.grype.yaml
  • /grype/config.yaml

You can download the program from here.
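
One way to act on a scan result in a build pipeline, as an added example that is not part of the original page or of the Grype project: it reads a report saved with Grype's JSON output (`grype <image> -o json`) and fails when any match is rated at or above a threshold. The field names are assumed to follow Grype's JSON report; the sample report, its IDs and its package names are constructed.

```python
import json
import sys

# Severity labels from least to most severe (assumed to match Grype's labels).
SEVERITY_ORDER = ["Unknown", "Negligible", "Low", "Medium", "High", "Critical"]

# Constructed sample report; IDs and package names are placeholders.
SAMPLE_REPORT = json.dumps({"matches": [
    {"vulnerability": {"id": "CVE-0000-0002", "severity": "High",
                       "fix": {"versions": [], "state": "not-fixed"}},
     "artifact": {"name": "example-js", "version": "4.0.0", "type": "npm"}},
    {"vulnerability": {"id": "CVE-0000-0001", "severity": "Critical",
                       "fix": {"versions": ["1.2.4"], "state": "fixed"}},
     "artifact": {"name": "examplelib", "version": "1.2.3", "type": "deb"}},
    {"vulnerability": {"id": "CVE-0000-0004"},  # severity missing on purpose
     "artifact": {"name": "example-gem", "version": "0.1.0", "type": "gem"}},
]})


def rank(severity):
    """Position of a severity label; unrecognised labels count as Unknown."""
    return SEVERITY_ORDER.index(severity) if severity in SEVERITY_ORDER else 0


def gate(report_text, fail_on="High"):
    """Return (passed, findings) for matches rated at or above `fail_on`."""
    if fail_on not in SEVERITY_ORDER:
        raise ValueError(f"unknown severity threshold: {fail_on!r}")
    findings = []
    for match in json.loads(report_text).get("matches") or []:
        vuln, art = match.get("vulnerability") or {}, match.get("artifact") or {}
        severity = vuln.get("severity") or "Unknown"
        if rank(severity) < rank(fail_on):
            continue
        findings.append({
            "id": vuln.get("id", "?"), "severity": severity,
            "package": f'{art.get("name", "?")}@{art.get("version", "?")}',
            "fixed_in": (vuln.get("fix") or {}).get("versions") or [],
        })
    findings.sort(key=lambda f: (-rank(f["severity"]), f["package"]))
    return not findings, findings


if __name__ == "__main__":
    passed, found = gate(SAMPLE_REPORT if sys.stdin.isatty() else sys.stdin.read())
    for f in found:
        print(f["severity"], f["id"], f["package"], f["fixed_in"] or "no fix listed")
    sys.exit(0 if passed else 1)
```

Matches without a recognised severity rank as Unknown, so they fail the gate only when `fail_on` is set to "Unknown".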

