Replies: 1 comment
-
|
there are so many vulnerabilities, I don't think it makes sense to list them in the terminal as it's probably incomsumable. Also, if the idea is just to dump the entire vulnerability database, you can just do that: either search for the vulnerability in vuln-list (which is the source of Trivy DB), or in Trivy DB with a bolt browser. AVD is another way, it's simply a reflection of vuln-list. The search mechanism might be suboptimal, if you know the cve id, you can just plug it in the URL and see if there's a page for it. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Description
When a new vulnerability comes out, it's vital to know if and when Trivy has the ability to detect it. Listing all known CVE's in the Trivy database would solve this issue. Currently the only method I know of is searching https://avd.aquasec.com. As of today, searching for CVE-2024-47176 yields nothing, but the Aquasec vuln database website still oddly returns other CVE's when you search for this one CVE, bringing the web site functionality into question.
Target
None
Scanner
Vulnerability
Beta Was this translation helpful? Give feedback.
All reactions