trivy-ecr-scan
Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
Details
Category: Containers
Publisher: trickest-mhmdiaa
Created Date: 6/7/2022
Container: quay.io/trickest/trivy-ecr-scan:v0.24.4
Source URL: https://github.com/aquasecurity/trivy
Parameters
Command:
--light - deprecated (default: false) [$TRIVY_LIGHT]Command:
--format - format (table, json, sarif, template) (default: table) [$TRIVY_FORMAT]Command:
--timeout - timeout (default: 5m0s) [$TRIVY_TIMEOUT]Command:
--insecure - allow insecure server connections when using SSL (default: false) [$TRIVY_INSECURE]Command:
--severity - severities of vulnerabilities to be displayed (comma separated) (default: UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL) [$TRIVY_SEVERITY]Command:
--exit-code - Exit code when vulnerabilities were found (default: 0) [$TRIVY_EXIT_CODE]Command:
--skip-dirs - specify the directories where the traversal is skipped [$TRIVY_SKIP_DIRS]Command:
--vuln-type - comma-separated list of vulnerability types (os,library) (default: os,library) [$TRIVY_VULN_TYPE]Command:
Command:
--skip-files - specify the file paths to skip traversal [$TRIVY_SKIP_FILES]Command:
--no-progress - suppress progress bar (default: false) [$TRIVY_NO_PROGRESS]Command:
--removed-pkgs - detect vulnerabilities of removed packages (only for Alpine) (default: false) [$TRIVY_REMOVED_PKGS]Command:
--ignore-policy - specify the Rego file to evaluate each vulnerability [$TRIVY_IGNORE_POLICY]Command:
--list-all-pkgs - enabling the option will output all packages regardless of vulnerability (default: false) [$TRIVY_LIST_ALL_PKGS]Command:
--ignore-unfixed - display only fixed vulnerabilities (default: false) [$TRIVY_IGNORE_UNFIXED]Command:
--skip-db-update - skip updating vulnerability database (default: false) [$TRIVY_SKIP_UPDATE, $TRIVY_SKIP_DB_UPDATE]Command:
Command:
--security-checks - comma-separated list of what security issues to detect (vuln,config) (default: vuln) [$TRIVY_SECURITY_CHECKS]