aquasecurity trivy · Discussions · GitHub

Sort by: Latest activity

Categories

Discussions

You must be logged in to vote

Trivy 0.59.1 detects false positive CVE-2025-25193 against netty-common-4.1.118.Final.jar
triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning
navzen2000 asked Feb 14, 2025 in Q&A · Closed · Answered

9
You must be logged in to vote

Improving Performance - Maven Artifact Caching
triage/support Indicates an issue that is a support question.
goneall asked Dec 18, 2024 in Q&A · Unanswered

18
You must be logged in to vote

Add support for the Mageia distribution
kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning target/filesystem Issues relating to filesystem scanning
dfandrich started Feb 15, 2025 in Ideas

2
You must be logged in to vote

Golang: Resultant version and purls drop v from component in cyclonedx sbom.
kind/bug Categorizes issue or PR as related to a bug.
b-ramsey started Jul 28, 2024 in Bugs

9
You must be logged in to vote

CVE-2023-47100 is missing in trivy for Perl while syft reports it for the same Debian docker image
triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning
Bruceliu-rs asked Feb 14, 2025 in Q&A · Closed · Answered

6
You must be logged in to vote

Trivy Not Detecting AWS OpenSearch Encryption At-Rest Misconfiguration - Terraform
kind/bug Categorizes issue or PR as related to a bug.
obounaim started Feb 13, 2025 in Bugs

2
You must be logged in to vote

Trivy fails to parse Rancher binary's -ldflags due to unsupported flags like -extldflags
kind/bug Categorizes issue or PR as related to a bug.
kerringtonwells started Feb 6, 2025 in Bugs · Closed

2
You must be logged in to vote

Failed to expand block. Invalid 'for-each' argument
kind/bug Categorizes issue or PR as related to a bug.
Faisal-bp started Feb 12, 2025 in Bugs

1
You must be logged in to vote

Questions about the file to be analyzed
triage/support Indicates an issue that is a support question.
230450842 asked Feb 13, 2025 in Q&A · Unanswered

1
You must be logged in to vote

trivy registry login fails for docker.io with "unknown resource type" error
kind/bug Categorizes issue or PR as related to a bug.
rafaeltc started Feb 11, 2025 in Bugs · Closed

1
You must be logged in to vote

CVE Detection on VSCode Extension
triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning
raghur-orca asked Feb 13, 2024 in Q&A · Unanswered

10
You must be logged in to vote

Understanding how CVE severity is defined
triage/support Indicates an issue that is a support question.
stevieg27 asked Feb 11, 2025 in Q&A · Unanswered

1
You must be logged in to vote

Panic when scanning simple SPDX sbom created by syft
kind/bug Categorizes issue or PR as related to a bug.
dfandrich started Feb 7, 2025 in Bugs · Closed

4
You must be logged in to vote

The Date/Time in the log files do not reflect the actual clock.Now
triage/support Indicates an issue that is a support question.
goneall asked Feb 9, 2025 in Q&A · Closed · Unanswered

6
You must be logged in to vote

Scanning a repository does not pick up any licenses
kind/bug Categorizes issue or PR as related to a bug.
danielpomfjuk started Feb 7, 2025 in Bugs

2
You must be logged in to vote

Full license scan only returns results when --format not set
triage/support Indicates an issue that is a support question. scan/license Issues relating to license scanning
srowe asked Nov 25, 2024 in Q&A · Unanswered

3
You must be logged in to vote

ZIP Extraction during SBOM Generation
kind/feature Categorizes issue or PR as related to a new feature.
tetzla started Feb 7, 2025 in Ideas · Closed

0
You must be logged in to vote

Only One Entrypoint false negative

ArtemkaKun started Feb 6, 2025 in False Detection · Closed

2
You must be logged in to vote

CycloneDX report doesn't seem to have the correct license information
kind/bug Categorizes issue or PR as related to a bug.
jerbob92 started May 23, 2024 in Bugs · Closed

8
You must be logged in to vote

Maven: Trivy reports vulnerability based on wrong dependency version
triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning
dhladik asked Sep 20, 2024 in Q&A · Closed · Answered

7
You must be logged in to vote

Temporary source list messed up the image scan detection
triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning
fikrapdso asked Feb 5, 2025 in Q&A · Closed · Answered

7
You must be logged in to vote

trivy maven repo access behind firewall
triage/support Indicates an issue that is a support question.
pepe-pj asked Jan 10, 2024 in Q&A · Closed · Unanswered

2
You must be logged in to vote

SBOM documentation page is unclear
kind/documentation Categorizes issue or PR as related to documentation.
StephenKing started Feb 5, 2025 in Documentation

4
You must be logged in to vote

Issues with .trivyignore working with trivy server integration within Dependency-Track
triage/support Indicates an issue that is a support question.
Shadow-Templar asked Feb 4, 2025 in Q&A · Unanswered

4
You must be logged in to vote

k8s KBOM is not generating proper PURL as versions are missing
kind/bug Categorizes issue or PR as related to a bug.
dsever started Feb 4, 2025 in Bugs · Closed

5