Grype: Vulnerability scanner for container images and filesystems

Detect vulnerabilities in container images and filesystems.

Repository stats at time of capture: overall rank #127, security rank #12; 11.3K stars, 724 forks; +15 stars and +1 fork over the last 7 days.

Learn more about grype

Grype is a command-line vulnerability scanner written in Go that analyzes container images and filesystem contents to detect security vulnerabilities. It works by identifying installed packages across multiple package managers and operating systems, then cross-referencing them against vulnerability databases. The tool supports a wide range of package ecosystems including Alpine, Debian, Ubuntu, and language-specific managers like npm, pip, and Maven. Grype is commonly deployed in CI/CD pipelines, container registries, and local development environments to identify vulnerabilities before deployment.

1. Multi-ecosystem support

Detects vulnerabilities across 12+ operating system distributions and 7+ language-specific package managers in a single scan, providing comprehensive coverage for heterogeneous container environments.

2. OpenVEX integration

Supports OpenVEX format for filtering and augmenting scan results, allowing teams to incorporate vulnerability attestations and custom metadata into scanning workflows.

3. Filesystem and image scanning

Analyzes both extracted container images and local filesystems without requiring Docker daemon access, enabling vulnerability assessment in restricted environments and CI/CD systems.


package main

import (
	"fmt"

	"github.com/anchore/grype/grype"
)

// scanImage scans the given image reference and prints one line per
// vulnerability match in the form "<vulnerability ID> <package name>".
func scanImage(imageRef string) error {
	results, err := grype.ScanImage(imageRef)
	if err != nil {
		return fmt.Errorf("scanning %s: %w", imageRef, err)
	}

	for _, match := range results.Matches {
		fmt.Println(match.Vulnerability.ID, match.Artifact.Name)
	}
	return nil
}

func main() {
	if err := scanImage("alpine:latest"); err != nil {
		fmt.Println(err)
	}
}

v0.103.0

Adds support for hyphens in version strings and honors the rpmmod PURL qualifier for RPM package matching.

  • Version strings containing hyphens are now parsed correctly during vulnerability matching.
  • RPM packages with the rpmmod PURL qualifier are now matched according to that qualifier.

v0.102.0

Adds Alma Linux–specific advisory matching and fixes CPE vulnerability detection for Bitnami packages.

  • Grype now queries Alma Linux advisories directly when scanning Alma-based images instead of relying on RHEL data.
  • Bitnami packages with CPEs are now correctly matched against CPE-based vulnerability feeds.

v0.101.1

Fixes a panic, introduced in v0.101.0, that occurred when scanning images with certain Java dependencies.

  • Upgrade immediately if running v0.101.0 to avoid crashes on Java dependency scans.
  • No configuration changes are required; the patch resolves the panic without breaking compatibility.
