This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Linux distributions

The following Linux distributions are supported for hosts and containers scans:

Operating SystemSupported VersionsPackage ManagersSecurity Advisories
Alpine Linux2.2-2.7, 3.0-3.19 (edge is not supported)apkhttps://secdb.alpinelinux.org/
Wolfi LinuxN/Aapkhttps://packages.wolfi.dev/os/security.json
ChainguardN/Aapkhttps://packages.cgr.dev/chainguard/security.json
Red Hat Enterprise Linux6, 7, 8dnf/yum/rpmhttps://www.redhat.com/security/data/metrics/ and https://www.redhat.com/security/data/oval/v2/
CentOS6, 7, 8dnf/yum/rpmhttps://www.redhat.com/security/data/metrics/ and https://www.redhat.com/security/data/oval/v2/
AlmaLinux8, 9dnf/yum/rpmhttps://errata.almalinux.org/
Rocky Linux8, 9dnf/yum/rpmhttps://download.rockylinux.org/pub/rocky/
Oracle Linux5, 6, 7, 8dnf/yum/rpmhttps://linux.oracle.com/security/oval/
CBL-Mariner1.0, 2.0dnf/yum/rpmhttps://github.com/microsoft/CBL-MarinerVulnerabilityData/
Amazon Linux1, 2, 2023dnf/yum/rpmhttps://alas.aws.amazon.com/
openSUSE Leap42, 15zypper/rpmhttp://ftp.suse.com/pub/projects/security/cvrf/
SUSE Linux Enterprise11, 12, 15zypper/rpmhttp://ftp.suse.com/pub/projects/security/cvrf/
Photon OS1.0, 2.0, 3.0, 4.0tdnf/yum/rpmhttps://packages.vmware.com/photon/photon_cve_metadata/
Debian GNU/Linux7, 8, 9, 10, 11, 12 (unstable/sid is not supported)apt/dpkghttps://security-tracker.debian.org/tracker/ and https://www.debian.org/security/oval/
UbuntuAll versions supported by Canonicalapt/dpkghttps://ubuntu.com/security/cve

Application libraries

The following application languages and libraries are supported for vulnerability scans on containers and Lambda instances:

LanguageSupported Package ManagerSupported Files
RubybundlerGemfile.lock, gemspec
.NETnugetpackages.lock.json, packages.config, .deps.json, *packages.props
GomodBinaries built by Go, go.mod
JavaGradle, Mavenpom.xml, *gradle.lockfile, JAR/WAR/PAR/EAR (with pom.properties)
Node.jsnpm, pnpm, yarnpackage-lock.json, yarn.lock, pnpm-lock.yaml, package.json
PHPcomposercomposer.lock
Pythonpip, poetrypipfile.lock, poetry.lock, egg package, wheel package, conda package

Container runtimes

The following container runtimes are supported:

  • containerd: v1.5.6 or later
  • Docker

Note for container observations: Agentless Scanning requires uncompressed container image layers. As a workaround, you can set the configuration option discard_unpacked_layers=false in the containerd configuration file.