Check my containers for security issues.. Trivy can helpFeb 25, 2022
I posted a couple of weeks ago in the general section of the Hub about how I leveraged Keycloack to setup authentication into my Kasten backup setup. However, what if my Keycloak is not secure. First off we would want to check if there are any vulnerabilities with the containers. For that I will use Trivy.
The installation instructions can be found
I am using ubuntu so I did the following:
Now I need to get the name of my container, I am using alias k=kubectl so only need to type k get and then can just type po instead of pods:
k get po
Next what is the exact image and version:
k get po -oyaml |grep -w image
Lets plug this into trivy and see what comes out, first for CRITICAL then for HIGH vulnerabilities:
trivy image quay.io/keycloak/keycloak:14.0.0 |grep -w CRITICAL
Ok, this could be a problem there are 4 Critical vulnerabilities
ober@kube1:~$ trivy image quay.io/keycloak/keycloak:14.0.0 |grep -w HIGH
3 High vulnerabilities as well You can also filter the output of the command directly:
trivy image --severity HIGH,CRITICAL image-name:tag
Lets head over to the Keycloak website and check what is the current version:
Might be time to upgrade.
Stay connected with news and updates!
Join our mailing list to receive the latest news and updates from our team.
Don't worry, your information will not be shared.
We hate SPAM. We will never sell your information, for any reason.