Versions:
Anchore Grype 0.110.0 is a container and filesystem vulnerability scanner developed by Anchore Inc., designed to give DevOps and security teams a fast, reliable way to surface known CVEs in Linux images, application layers, and directory trees. The command-line tool ingests a Software Bill of Materials (SBOM) produced by Anchore’s companion utility Syft or any CycloneDX/SPDX-compatible feed, then matches the enumerated packages against continuously updated vulnerability databases drawn from GitHub Advisories, Alpine, Red Hat, Debian, and other upstream security trackers. Typical use cases include gatekeeping CI/CD pipelines, performing pre-deployment checks in Kubernetes environments, auditing third-party base images, and generating compliance evidence for containerized workloads. Grype’s lightweight single-binary distribution installs in seconds on macOS, Linux, or Windows, requires no daemon, and can scan both local Docker archives and remote OCI tarballs without elevated privileges. Since its first public release the project has evolved through forty-five numbered versions, adding JSON and table output formats, configurable fail-on-severity thresholds, and an experimental “vulnerability fixed-in” hinting system that helps engineers prioritize patching by showing exactly which package upgrade closes a given CVE. The scanner is frequently embedded in GitHub Actions, GitLab CI, Jenkins, and Tekton pipelines, where it can break builds when critical issues are detected or export SARIF reports for GitHub Security tab integration. Grype is available for free on get.nero.com, with downloads provided via trusted Windows package sources such as winget, always delivering the latest version and supporting batch installation of multiple applications.
Tags: