The grype is a vulnerability scanner for Container images and filesystems. Works with Syft, a powerful SBOM image management tool and filesystems.
- Scan the contents of an image container or file system to find vulnerabilities.
- Find vulnerabilities in large packages of the following operating systems:
- Amazon linux
- Oracle Linux
- Red Hat (RHEL)
- Find vulnerabilities for specific language packs:
- Ruby (Gems)
- Java (JAR, WAR, EAR, JPI, HPI)
- Python (Egg, Wheel, Poetry, requirements.txt / setup.py files)
- Supports Docker and OCI image images
Recommended (macOS and Linux)
# install the latest version in / usr / local / bin curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s --b / usr / local / bin # install specific version on specific dir curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s - b < SOME_BIN_PATH > < RELEASE_VERSION >
You can download the program from here..