Vulnerability Scanner
Harbor has Trivy, a vulnerability scanner, built in. Trivy can be used to scan images hosted on Harbor for any vulnerabilities. It provides a robust list of results with valuable information to help patch vulnerable images.
Info
This document assumes you have access to a project in Harbor with privileges to scan the images in that project.
For more information on getting a Harbor project, see container registry.
To run a scan:
- Log in to the Harbor Web UI
- Navigate to your project by clicking its name
- Click the name of the image you'd like to scan
- In the Artifacts tab (opened automatically) check the box next to the artifact you want to scan
- Click the Scan button above the list
The status in the Vulnerabilities column will update from Queued → Scanning → a completed report.
Hovering over the report gives more details, and clicking the artifact name shows the full scan output.
The full report includes detailed information about any vulnerabilities found. An example of what the output looks like is shown below:
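To triage a full report outside the UI, the following added example (not part of the original documentation or of Harbor itself) turns a saved report into a patch plan: which packages to upgrade, and which findings have no fix yet. It assumes the JSON layout returned by Harbor's v2 API for an artifact's vulnerabilities; the sample report, package names and IDs are constructed placeholders.

```python
import json

# Constructed sample, shaped like Harbor's vulnerability report JSON
# (assumed layout); package names, versions and IDs are placeholders.
MIME = "application/vnd.security.vulnerability.report; version=1.1"
SAMPLE_REPORT = json.dumps({MIME: {"severity": "Critical", "vulnerabilities": [
    {"id": "CVE-XXXX-0001", "package": "libfoo", "version": "1.0.0",
     "fix_version": "1.0.3", "severity": "Critical"},
    {"id": "CVE-XXXX-0002", "package": "libfoo", "version": "1.0.0",
     "fix_version": "1.0.2", "severity": "High"},
    {"id": "CVE-XXXX-0003", "package": "libbar", "version": "2.4",
     "fix_version": "", "severity": "High"},
    {"id": "CVE-XXXX-0004", "package": "toolbox", "version": "0.9",
     "fix_version": "1.0", "severity": "Low"},
]}})

SEVERITY_RANK = {"Critical": 4, "High": 3, "Medium": 2, "Low": 1}

def load_findings(report_json):
    """Collect findings under any report key; a clean image may carry null."""
    findings = []
    for body in json.loads(report_json).values():
        if isinstance(body, dict):
            findings.extend(body.get("vulnerabilities") or [])
    return findings

def severity_counts(findings):
    counts = {}
    for f in findings:
        sev = f.get("severity", "Unknown")
        counts[sev] = counts.get(sev, 0) + 1
    return counts

def patch_plan(findings, min_severity="High"):
    """Group fixable findings at or above min_severity by package."""
    floor, plan = SEVERITY_RANK[min_severity], {}
    for f in findings:
        if SEVERITY_RANK.get(f.get("severity"), 0) < floor or not f.get("fix_version"):
            continue
        entry = plan.setdefault(
            f["package"], {"installed": f["version"], "fix_versions": set(), "ids": []})
        entry["fix_versions"].add(f["fix_version"])
        entry["ids"].append(f["id"])
    return plan

def unfixable(findings, min_severity="High"):
    """IDs at or above min_severity with no fixed version published yet."""
    floor = SEVERITY_RANK[min_severity]
    return [f["id"] for f in findings
            if SEVERITY_RANK.get(f.get("severity"), 0) >= floor and not f.get("fix_version")]
```

Findings returned by `unfixable` cannot be cleared by a package upgrade, so they need a different response, such as a base image change or an accepted-risk record.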

