Trivy · Schema
Trivy Vulnerability Report
Schema for a Trivy scan report containing detected CVEs and package vulnerabilities, along with the misconfiguration and secret findings a result can carry
Containers, Kubernetes, SBOM, Security, Vulnerability Scanning, Open Source, DevSecOps, Cloud Security
Properties
| Name | Type | Description |
|---|---|---|
| SchemaVersion | integer | Schema version of the report |
| ArtifactName | string | Name of the scanned artifact (container image, file path, repo URL) |
| ArtifactType | string | Type of artifact scanned |
| Metadata | object | Metadata about the scan target |
| Results | array | Scan results per target layer or component |
JSON Schema
{
"$schema": "http://json-schema.org/draft-07/schema#",
"$id": "https://api-evangelist.github.io/trivy/json-schema/trivy-vulnerability-report-schema.json",
"title": "Trivy Vulnerability Report",
"description": "Schema for a Trivy scan report containing detected CVEs and package vulnerabilities, along with the misconfiguration and secret findings a result can carry",
"type": "object",
"properties": {
"SchemaVersion": {
"type": "integer",
"description": "Schema version of the report",
"example": 2
},
"ArtifactName": {
"type": "string",
"description": "Name of the scanned artifact (container image, file path, repo URL)"
},
"ArtifactType": {
"type": "string",
"description": "Type of artifact scanned",
"enum": ["container_image", "filesystem", "repository", "virtual-machine", "sbom"]
},
"Metadata": {
"type": "object",
"description": "Metadata about the scan target",
"properties": {
"OS": {
"type": "object",
"properties": {
"Family": { "type": "string", "description": "OS family (alpine, debian, ubuntu, etc.)" },
"Name": { "type": "string", "description": "OS name and version" }
}
},
"ImageID": { "type": "string", "description": "Container image ID" },
"DiffIDs": {
"type": "array",
"items": { "type": "string" }
},
"RepoTags": {
"type": "array",
"items": { "type": "string" }
},
"RepoDigests": {
"type": "array",
"items": { "type": "string" }
}
}
},
"Results": {
"type": "array",
"description": "Scan results per target layer or component",
"items": {
"$ref": "#/definitions/Result"
}
}
},
"definitions": {
"Result": {
"type": "object",
"properties": {
"Target": {
"type": "string",
"description": "Name of the scanned target (layer, file, or package)"
},
"Class": {
"type": "string",
"description": "Result class",
"enum": ["os-pkgs", "lang-pkgs", "config", "secret", "license"]
},
"Type": {
"type": "string",
"description": "Package manager or format type"
},
"Vulnerabilities": {
"type": "array",
"description": "List of detected vulnerabilities",
"items": {
"$ref": "#/definitions/Vulnerability"
}
},
"Misconfigurations": {
"type": "array",
"description": "Detected misconfigurations",
"items": {
"$ref": "#/definitions/Misconfiguration"
}
},
"Secrets": {
"type": "array",
"description": "Detected secrets",
"items": {
"$ref": "#/definitions/Secret"
}
}
}
},
"Vulnerability": {
"type": "object",
"required": ["VulnerabilityID", "Severity"],
"properties": {
"VulnerabilityID": {
"type": "string",
"description": "CVE or vulnerability identifier",
"example": "CVE-2021-44228"
},
"PkgName": {
"type": "string",
"description": "Affected package name"
},
"PkgVersion": {
"type": "string",
"description": "Installed version of the affected package"
},
"FixedVersion": {
"type": "string",
"description": "Version that fixes the vulnerability; optional, so consumers should not assume it is present on every finding"
},
"Severity": {
"type": "string",
"description": "Vulnerability severity",
"enum": ["CRITICAL", "HIGH", "MEDIUM", "LOW", "UNKNOWN"]
},
"Title": {
"type": "string",
"description": "Short title of the vulnerability"
},
"Description": {
"type": "string",
"description": "Detailed vulnerability description"
},
"CVSS": {
"type": "object",
"description": "CVSS scores from various sources"
},
"References": {
"type": "array",
"description": "Reference URLs for the vulnerability",
"items": { "type": "string", "format": "uri" }
},
"PublishedDate": {
"type": "string",
"format": "date-time"
},
"LastModifiedDate": {
"type": "string",
"format": "date-time"
}
}
},
"Misconfiguration": {
"type": "object",
"properties": {
"Type": { "type": "string", "description": "Misconfiguration type (e.g., Kubernetes, Dockerfile)" },
"ID": { "type": "string", "description": "Rule identifier" },
"Title": { "type": "string" },
"Description": { "type": "string" },
"Message": { "type": "string" },
"Severity": {
"type": "string",
"enum": ["CRITICAL", "HIGH", "MEDIUM", "LOW", "UNKNOWN"]
},
"Status": {
"type": "string",
"enum": ["FAIL", "PASS", "WARN", "EXCEPTION"]
}
}
},
"Secret": {
"type": "object",
"properties": {
"RuleID": { "type": "string", "description": "Secret detection rule ID" },
"Category": { "type": "string", "description": "Secret category (e.g., aws-access-key)" },
"Title": { "type": "string" },
"Severity": {
"type": "string",
"enum": ["CRITICAL", "HIGH", "MEDIUM", "LOW", "UNKNOWN"]
},
"StartLine": { "type": "integer" },
"EndLine": { "type": "integer" },
"Code": {
"type": "object",
"description": "Code snippet context: the source lines around the detected secret"
}
}
}
}
}