Tsunati University - Register Today

Check my containers for security issues.. Trivy can help

I posted a couple of weeks ago in the general section of the Hub about how I leveraged Keycloack to setup authentication into my Kasten backup setup. However, what if my Keycloak is not secure. First off we would want to check if there are any vulnerabilities with the containers. For that I will use Trivy.

The installation instructions can be found

here https://aquasecurity.github.io/trivy/v0.18.3/installation/

I am using ubuntu so I did the following:

Now I need to get the name of my container, I am using alias k=”kubectl” so only need to type k get and then can just type po instead of pods:

k get po

Next what is the exact image and version:


Lets plug this into trivy and see what comes out, first for CRITICAL then for HIGH vulnerabilities:

trivy image quay.io/keycloak/keycloak:| -w CRITICAL

Ok, this could be a problem there are 4 Critical vulnerabilities

ober trivy image quay.io/keycloak/keycloak: |grep -w 

3 High vulnerabilities as well You can also filter the output of the command directly:

trivy image –severity HIGH,CRITICAL image-name

Lets head over to the Keycloak website and check what is the current version:

Might be time to upgrade.

Scroll to Top