-
Notifications
You must be signed in to change notification settings - Fork 532
aquasecurity trivy Discussions
Sort by:
Latest activity
Categories, most helpful, and community links
Categories
Community links
Discussions
-
You must be logged in to vote 🐛 -
You must be logged in to vote 💡 Detect manually installed Node.js runtimes and report Node.js core vulnerabilities
scan/vulnerabilityIssues relating to vulnerability scanning target/container-imageIssues relating to container image scanning -
You must be logged in to vote 🐛 VEX repository: HTTP 304 on archive re-download wipes the cached repo (only the manifest remains) → VEX silently stops being applied
kind/bugCategorizes issue or PR as related to a bug. -
You must be logged in to vote 🙏 False Positive: GO-2026-5932 incorrectly flags golang.org/x/crypto even if openpgp subpackage is not used
scan/vulnerabilityIssues relating to vulnerability scanning target/container-imageIssues relating to container image scanning -
You must be logged in to vote 🙏 Questions on the possible inclusion of euvd as a datasource
triage/supportIndicates an issue that is a support question. -
You must be logged in to vote 🔎 -
You must be logged in to vote 🙏 Duplicate components & dependencies in BOM
scan/sbomIssues relating to SBOM target/container-imageIssues relating to container image scanning -
You must be logged in to vote 🐛 License detection not working for JAR packages (trivy 0.72.0) despite license information in META-INF/MANIFEST.MF, META-INF/LICENSE
kind/bugCategorizes issue or PR as related to a bug. -
You must be logged in to vote 🙏
scan/vulnerabilitytrivy imagesilently falls back topackage.jsonwhenyarn.lockcontains SSH git dependencies -trivy fshandles the same file properlyIssues relating to vulnerability scanning target/container-imageIssues relating to container image scanning -
You must be logged in to vote 🙏 Dev for trivy-azure-pipelines-task?
triage/supportIndicates an issue that is a support question. -
You must be logged in to vote 👨💻 -
You must be logged in to vote 🔎 -
You must be logged in to vote 🙏 cannot pull from local db-repository since version 0.71.0 and above
triage/supportIndicates an issue that is a support question. -
You must be logged in to vote 🙏 Inconsistent library detection inside 3rd party packages between RHEL and Ubuntu
scan/vulnerabilityIssues relating to vulnerability scanning target/container-imageIssues relating to container image scanning -
You must be logged in to vote 💡 Recommendations / support for Deno
kind/featureCategorizes issue or PR as related to a new feature. scan/vulnerabilityIssues relating to vulnerability scanning target/repositoryIssues relating to VCS repository scanning -
You must be logged in to vote 🙏 Cannot build with
triage/supportgo installwith 1.27rc2Indicates an issue that is a support question. -
You must be logged in to vote 🐛 SBOM generation broken for pnpm when using devEngines.packageManager field
kind/bugCategorizes issue or PR as related to a bug. -
You must be logged in to vote 🐛 pnpm workspace with overlapping direct dependencies causes non-deterministic package resolution
kind/bugCategorizes issue or PR as related to a bug. scan/vulnerabilityIssues relating to vulnerability scanning target/filesystemIssues relating to filesystem scanning -
You must be logged in to vote 🐛 misconfig scanner panics on images with a HEALTHCHECK history line but no Healthcheck config
kind/bugCategorizes issue or PR as related to a bug. scan/misconfigurationIssues relating to misconfiguration scanning target/container-imageIssues relating to container image scanning -
You must be logged in to vote 📢 -
You must be logged in to vote 🙏 False positive: GHSA-fh5r-crhr-qrrq (CVE-2025-23184) cxf core 3.5.8.redhat-00001
triage/supportIndicates an issue that is a support question. scan/vulnerabilityIssues relating to vulnerability scanning -
You must be logged in to vote 💡 Support for Hadron Linux (musl-based immutable distro, used by Kairos) in Trivy
kind/featureCategorizes issue or PR as related to a new feature. scan/vulnerabilityIssues relating to vulnerability scanning target/container-imageIssues relating to container image scanning -
You must be logged in to vote 👨💻 -
You must be logged in to vote 🐛 trivy server/client mode failed to scan offline
kind/bugCategorizes issue or PR as related to a bug. -
You must be logged in to vote 👨💻