Skip to content

Supported OS

The unfixed/unfixable vulnerabilities mean that the patch has not yet been provided on their distribution. Trivy doesn't support self-compiled packages/binaries, but official packages provided by vendors such as Red Hat and Debian.

OS Supported Versions Target Packages Detection of unfixed vulnerabilities
Alpine Linux 2.2 - 2.7, 3.0 - 3.16, edge Installed by apk NO
Red Hat Universal Base Image1 7, 8, 9 Installed by yum/rpm YES
Red Hat Enterprise Linux 6, 7, 8 Installed by yum/rpm YES
CentOS 6, 7, 8 Installed by yum/rpm YES
AlmaLinux 8 Installed by yum/rpm NO
Rocky Linux 8 Installed by yum/rpm NO
Oracle Linux 5, 6, 7, 8 Installed by yum/rpm NO
CBL-Mariner 1.0, 2.0 Installed by yum/rpm YES
Amazon Linux 1, 2, 2022 Installed by yum/rpm NO
openSUSE Leap 42, 15 Installed by zypper/rpm NO
SUSE Enterprise Linux 11, 12, 15 Installed by zypper/rpm NO
Photon OS 1.0, 2.0, 3.0, 4.0 Installed by tdnf/yum/rpm NO
Debian GNU/Linux wheezy, jessie, stretch, buster, bullseye Installed by apt/apt-get/dpkg YES
Ubuntu All versions supported by Canonical Installed by apt/apt-get/dpkg YES
Distroless2 Any Installed by apt/apt-get/dpkg YES

  1. https://developers.redhat.com/products/rhel/ubi 

  2. https://github.com/GoogleContainerTools/distroless