Skip to content
grype
Vulnerability Scanning
A vulnerability scanner for container images, filesystems, and SBOMs.
Go
·
Latest v0.113.0 · 10h ago
Security brief →
Features
-
Scan container images, filesystems, and SBOMs for known vulnerabilities
-
Supports major OS package ecosystems (Alpine, Debian, Ubuntu, RHEL, etc.)
-
Supports language‑specific packages (Ruby, Java, JavaScript, Python, .NET, Go, PHP, Rust)
-
Handles Docker, OCI, and Singularity image formats
-
Provides threat & risk prioritization with EPSS, KEV, and custom scoring
Monitor
v0.113.0
New feature
·
Crypto / TLS
Ubuntu 26.04 + Hummingbird filter + TLS/HTTP warnings
v0.112.0
New feature
·
Notable features
- Ignore rules expanded to owned sub packages of distro packages
Full changelog
Added Features
- Expand ignore rules to owned sub packages of distro packages [#3368 #3326 @kzantow]
Additional Changes
- update anchore dependencies [#3391 @anchore-oss-update-bot]
(Full Changelog)
v0.111.1
Bug fix
·
Fixed vulnerability relationship matching, SARIF output helpURI, and Debian component recognition.
Full changelog
Bug Fixes
- apply overlap by ownership removal to dynamically created relationships [#3363 @kzantow]
- compare mismatched package / db versions [#3372 @kzantow]
- Grype doesn't recognize debian component when
"group" : "debian" is specified [#2967]
- HelpURI missing information in SARIF output [#2874 #3351 @will-bates11]
(Full Changelog)
v0.111.0
New feature
·
Notable features
- db diff for v6
- add ProvideFromReader for in-memory SBOM processing
- CSAF vex transformer
v0.110.0
New feature
·
Notable features
- suppress GHSA matches on language packages in fixed APKs
- use Syft for decoding CPEs
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
About
Languages
Go
·
Go Template
·
Shell
Search tools, categories, lists, and users
Use ↑↓ to navigate, Enter to open, Esc to close
No results for ""
⌘K to open
↑↓ navigate
⏎ open
