gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-22 15:16:33 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
0c40a8d4b9b943f1b679a20f8ba3cb61c94831de
trivy/docs/guide/coverage/os/centos.md
Owen Rumney 9da33b5aed docs: restructure docs for new hosting (#9799)
2025-11-18 15:45:49 +00:00

39 lines
1.5 KiB
Markdown
Raw Blame History

# CentOS
Trivy supports the following scanners for OS packages.
| Scanner | Supported |
| :-----------: | :-------: |
| SBOM | ✓ |
| Vulnerability | ✓ |
| License | ✓ |
Please see [here](index.md#supported-os) for supported versions.
The table below outlines the features offered by Trivy.
| Feature | Supported |
| :-----------------------------------: | :-------: |
| Unfixed vulnerabilities | ✓ |
| [Dependency graph][dependency-graph] | ✓ |
| End of life awareness | ✓ |
## SBOM
Same as [RHEL](rhel.md#sbom).
## Vulnerability
CentOS does not provide straightforward machine-readable security advisories.
As a result, Trivy utilizes the security advisories from [Red Hat Enterprise Linux (RHEL)](rhel.md#vulnerability) for detecting vulnerabilities in CentOS.
This approach might lead to situations where, even though Trivy displays a fixed version, CentOS might not have the patch available yet.
Since patches released for RHEL often become available in CentOS after some time, it's usually just a matter of waiting.
!!! note
The case for CentOS Stream, which is not supported by Trivy, is entirely different from CentOS.
As Trivy relies on Red Hat's advisories, please refer to [Red Hat](rhel.md) for details regarding vulnerability severity and status.
## License
Same as [RHEL](rhel.md#license).
[dependency-graph]: ../../configuration/reporting.md#show-origins-of-vulnerable-dependencies
Reference in New Issue View Git Blame Copy Permalink