trivy image <image_name>

Scan an image

Arguments

Name	Description
`image_name`

Subcommands

Name	Description
`--template, -t`	Output template [$TRIVY_TEMPLATE]
`--format, -f`	Format (table, json, sarif, template) (default: "table") [$TRIVY_FORMAT]
`--severity, -s`	Severities of vulnerabilities to be displayed (comma separated) (default: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL") [$TRIVY_SEVERITY]
`--output, -o`	Output file name [$TRIVY_OUTPUT]
`--exit-code`	Exit code when vulnerabilities were found (default: 0) [$TRIVY_EXIT_CODE]
`--clear-cache, -c`	Clear image caches without scanning [$TRIVY_CLEAR_CACHE]
`--vuln-type`	Comma-separated list of vulnerability types (os,library) (default: "os,library") [$TRIVY_VULN_TYPE]
`--security-checks`	Comma-separated list of what security issues to detect (vuln,config) (default: "vuln") [$TRIVY_SECURITY_CHECKS]
`--ignorefile`	Specify .trivyignore file (default: ".trivyignore") [$TRIVY_IGNOREFILE]]
`--timeout`	Timeout (default: 5m0s) [$TRIVY_TIMEOUT]
`--ignore-policy`	Specify the Rego file to evaluate each vulnerability [$TRIVY_IGNORE_POLICY]
`--list-all-pkgs`	Enabling the option will output all packages regardless of vulnerability (default: false) [$TRIVY_LIST_ALL_PKGS]
`--cache-backend`	Cache backend (e.g. redis://localhost:6379) (default: "fs") [$TRIVY_CACHE_BACKEND]
`--no-progress`	Suppress progress bar [$TRIVY_NO_PROGRESS]
`--offline-scan`	Do not issue API requests to identify dependencies [$TRIVY_OFFLINE_SCAN]
`--skip-files`	Specify the file paths to skip traversal [$TRIVY_SKIP_FILES]
`--skip-dirs`	Allow insecure server connections when using SSL [$TRIVY_INSECURE]
`--skip-db-update, --skip-update`	Skip updating vulnerability database [$TRIVY_SKIP_UPDATE, $TRIVY_SKIP_DB_UPDATE]
`--removed-pkgs`	Detect vulnerabilities of removed packages (default: false) [$TRIVY_REMOVED_PKGS]
`--input, -i`	Input file path instead of image name [$TRIVY_INPUT]
`--download-db-only`	Download/update vulnerability database but don't run a scan [$TRIVY_DOWNLOAD_DB_ONLY]
`--reset`	Remove all caches and database [$TRIVY_RESET]
`--ignore-unfixed`	Display only fixed vulnerabilities [$TRIVY_IGNORE_UNFIXED]
`--light`	Deprecated [$TRIVY_LIGHT]
`--insecure`	Allow insecure server connections when using SSL [$TRIVY_INSECURE]