Agentless Scanning Compatibility Matrix

이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Linux distributions

The following Linux distributions are supported for hosts and containers scans:

Operating SystemSupported VersionsPackage ManagersSecurity Advisories
Alpine Linux2.2-2.7, 3.0-3.19 (edge is not supported)apkhttps://secdb.alpinelinux.org/
Wolfi LinuxN/Aapkhttps://packages.wolfi.dev/os/security.json
ChainguardN/Aapkhttps://packages.cgr.dev/chainguard/security.json
Red Hat Enterprise Linux6, 7, 8dnf/yum/rpmhttps://www.redhat.com/security/data/metrics/ and https://www.redhat.com/security/data/oval/v2/
CentOS6, 7, 8dnf/yum/rpmhttps://www.redhat.com/security/data/metrics/ and https://www.redhat.com/security/data/oval/v2/
AlmaLinux8, 9dnf/yum/rpmhttps://errata.almalinux.org/
Rocky Linux8, 9dnf/yum/rpmhttps://download.rockylinux.org/pub/rocky/
Oracle Linux5, 6, 7, 8dnf/yum/rpmhttps://linux.oracle.com/security/oval/
CBL-Mariner1.0, 2.0dnf/yum/rpmhttps://github.com/microsoft/CBL-MarinerVulnerabilityData/
Amazon Linux1, 2, 2023dnf/yum/rpmhttps://alas.aws.amazon.com/
openSUSE Leap42, 15zypper/rpmhttp://ftp.suse.com/pub/projects/security/cvrf/
SUSE Linux Enterprise11, 12, 15zypper/rpmhttp://ftp.suse.com/pub/projects/security/cvrf/
Photon OS1.0, 2.0, 3.0, 4.0tdnf/yum/rpmhttps://packages.vmware.com/photon/photon_cve_metadata/
Debian GNU/Linux7, 8, 9, 10, 11, 12 (unstable/sid is not supported)apt/dpkghttps://security-tracker.debian.org/tracker/ and https://www.debian.org/security/oval/
UbuntuAll versions supported by Canonicalapt/dpkghttps://ubuntu.com/security/cve

Application libraries

The following application languages and libraries are supported for vulnerability scans on containers and Lambda instances:

LanguageSupported Package ManagerSupported Files
RubybundlerGemfile.lock, gemspec
.NETnugetpackages.lock.json, packages.config, .deps.json, *packages.props
GomodBinaries built by Go, go.mod
JavaGradle, Mavenpom.xml, *gradle.lockfile, JAR/WAR/PAR/EAR (with pom.properties)
Node.jsnpm, pnpm, yarnpackage-lock.json, yarn.lock, pnpm-lock.yaml, package.json
PHPcomposercomposer.lock
Pythonpip, poetrypipfile.lock, poetry.lock, egg package, wheel package, conda package

Container runtimes

The following container runtimes are supported:

  • containerd: v1.5.6 or later
  • Docker

Note for container observations: Agentless Scanning requires uncompressed container image layers. As a workaround, you can set the configuration option discard_unpacked_layers=false in the containerd configuration file.

PREVIEWING: dgreen15/github-error-fix