Sales Inquiry

Check my containers for security issues.. Trivy can help

Feb 25, 2022

I posted a couple of weeks ago in the general section of the Hub about how I leveraged Keycloack to setup authentication into my Kasten backup setup. However, what if my Keycloak is not secure. First off we would want to check if there are any vulnerabilities with the containers. For that I will use Trivy.

The installation instructions can be found

here https://aquasecurity.github.io/trivy/v0.18.3/installation/

I am using ubuntu so I did the following:

Now I need to get the name of my container, I am using alias k=kubectl so only need to type k get and then can just type po instead of pods:

k get po

Next what is the exact image and version:

k get po -oyaml |grep -w image

Lets plug this into trivy and see what comes out, first for CRITICAL then for HIGH vulnerabilities:

trivy image quay.io/keycloak/keycloak:14.0.0 |grep -w CRITICAL

Ok, this could be a problem there are 4 Critical vulnerabilities

ober@kube1:~$ trivy image quay.io/keycloak/keycloak:14.0.0 |grep -w HIGH

3 High vulnerabilities as well You can also filter the output of the command directly:

trivy image --severity HIGH,CRITICAL image-name:tag

Lets head over to the Keycloak website and check what is the current version:

Might be time to upgrade.

Stay connected with news and updates!

Join our mailing list to receive the latest news and updates from our team.
Don't worry, your information will not be shared.

We hate SPAM. We will never sell your information, for any reason.