Trivy is an open-source vulnerability scanner for container images, file systems, Git repositories, and more. Trivy is designed to detect a variety of security issues including vulnerabilities, misconfigurations, and compliance issues across different components of the software development lifecycle. This tutorial shows how to install Trivy on Ubuntu 24.04.
Install Trivy
Check the latest version of Trivy from the GitHub repository and assign it to a variable:
TRIVY_VERSION=$(curl -s "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | grep -Po '"tag_name": "v\K[0-9.]+')
Download the Trivy archive file:
wget -qO trivy.tar.gz https://github.com/aquasecurity/trivy/releases/latest/download/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz
Extract the executable to the /usr/local/bin directory:
sudo tar xf trivy.tar.gz -C /usr/local/bin trivy
Here's how you can check the Trivy version:
trivy --version
Remove the archive file, which is no longer needed:
rm -rf trivy.tar.gz
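The install steps above extract the downloaded archive into /usr/local/bin as root without checking its integrity. The following is an added example, not part of the original tutorial: shell functions that check the archive against the release's SHA-256 checksum list before extraction. It assumes the release publishes trivy_<version>_checksums.txt in sha256sum format; the function names and local file names are hypothetical.

```shell
#!/bin/sh
# Added example: verify the Trivy archive before extracting it as root.
# Assumption: the checksum list uses sha256sum format,
# "<hex digest>  <file name>", one asset per line.

# verify_archive ARCHIVE CHECKSUMS ASSET_NAME
# Returns 0 only when CHECKSUMS lists ASSET_NAME and the digest matches.
# Returns 1 on mismatch, 2 on missing input, 3 when no entry exists.
verify_archive() {
    archive=$1 checksums=$2 asset=$3
    [ -r "$archive" ] && [ -r "$checksums" ] || { echo "missing input file" >&2; return 2; }

    # Exact match on the file-name column, so a similarly named asset
    # cannot satisfy the lookup. A leading "*" (binary mode) is allowed.
    expected=$(awk -v name="$asset" \
        '{ f = $2; sub(/^\*/, "", f) } f == name { print tolower($1); exit }' "$checksums")
    # Fail closed: no entry means the archive is not accepted.
    [ -n "$expected" ] || { echo "no checksum entry for $asset" >&2; return 3; }

    actual=$(sha256sum "$archive" | awk '{ print $1 }')
    [ "$actual" = "$expected" ] || { echo "checksum mismatch for $asset" >&2; return 1; }
    return 0
}

# fetch_and_verify VERSION
# Downloads the archive and the checksum list from the same version tag
# (not "latest", which could change between the two requests), then verifies.
fetch_and_verify() {
    version=$1
    # An empty version means the lookup step failed; stop here.
    [ -n "$version" ] || { echo "empty version" >&2; return 2; }
    asset="trivy_${version}_Linux-64bit.tar.gz"
    base="https://github.com/aquasecurity/trivy/releases/download/v${version}"
    wget -qO trivy.tar.gz "$base/$asset" &&
    wget -qO trivy_checksums.txt "$base/trivy_${version}_checksums.txt" &&
    verify_archive trivy.tar.gz trivy_checksums.txt "$asset"
}
```

Run fetch_and_verify "$TRIVY_VERSION" in place of the wget step and continue to the tar command only if it returns 0. A checksum list served from the same release detects a corrupted or mismatched download; it is not independent of that origin.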
Testing Trivy
To use Trivy, you can run a command to scan a container image for vulnerabilities. Example:
trivy image ubuntu:latest
Trivy will analyze the image and report any detected vulnerabilities. Output example:
2024-08-01T07:30:36+03:00 INFO [vuln] Vulnerability scanning is enabled
2024-08-01T07:30:36+03:00 INFO [secret] Secret scanning is enabled
2024-08-01T07:30:36+03:00 INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-08-01T07:30:36+03:00 INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.54/docs/scanner/secret#recommendation for faster secret detection
2024-08-01T07:30:38+03:00 INFO Detected OS family="ubuntu" version="24.04"
2024-08-01T07:30:38+03:00 INFO [ubuntu] Detecting vulnerabilities... os_version="24.04" pkg_num=91
2024-08-01T07:30:38+03:00 INFO Number of language-specific files num=0
ubuntu (ubuntu 24.04)
Total: 10 (UNKNOWN: 0, LOW: 8, MEDIUM: 2, HIGH: 0, CRITICAL: 0)
┌─────────────┬────────────────┬──────────┬──────────┬─────────────────────┬───────────────────┬─────────────────────────────────────────────────────────────┐
│ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │
├─────────────┼────────────────┼──────────┼──────────┼─────────────────────┼───────────────────┼─────────────────────────────────────────────────────────────┤
│ coreutils │ CVE-2016-2781 │ LOW │ affected │ 9.4-3ubuntu6 │ │ coreutils: Non-privileged session can escape to the parent │
│ │ │ │ │ │ │ session in chroot │
│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2016-2781 │
├─────────────┼────────────────┤ │ ├─────────────────────┼───────────────────┼─────────────────────────────────────────────────────────────┤
│ gpgv │ CVE-2022-3219 │ │ │ 2.4.4-2ubuntu17 │ │ gnupg: denial of service issue (resource consumption) using │
│ │ │ │ │ │ │ compressed packets │
│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-3219 │
├─────────────┼────────────────┤ │ ├─────────────────────┼───────────────────┼─────────────────────────────────────────────────────────────┤
│ libc-bin │ CVE-2016-20013 │ │ │ 2.39-0ubuntu8.2 │ │ sha256crypt and sha512crypt through 0.6 allow attackers to │
│ │ │ │ │ │ │ cause a denial of... │
│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2016-20013 │
├─────────────┤ │ │ │ ├───────────────────┤ │
│ libc6 │ │ │ │ │ │ │
│ │ │ │ │ │ │ │
│ │ │ │ │ │ │ │
├─────────────┼────────────────┼──────────┤──────────├─────────────────────┼───────────────────┼─────────────────────────────────────────────────────────────┤
Uninstall Trivy
If you want to completely remove Trivy, delete the executable file:
sudo rm -rf /usr/local/bin/trivy
You can also remove the vulnerability database:
rm -rf ~/.cache/trivy