aquasecurity trivy · Discussions · GitHub

Sort by: Latest activity

Categories

Discussions

You must be logged in to vote

How to get of rid of "Unable to find python site-packages directory. License detection is skipped. err="site-packages directory not found""
triage/support Indicates an issue that is a support question. scan/license Issues relating to license scanning
sudhakarmancha asked Dec 11, 2024 in Q&A · Unanswered

1
You must be logged in to vote

Adding whitelist for policy
kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning target/filesystem Issues relating to filesystem scanning
DanielCastronovo asked Oct 29, 2024 in Q&A · Closed · Answered

2
You must be logged in to vote

Missing (documentation of) detection of CVEs in the main package of Docker images
triage/support Indicates an issue that is a support question.
MShekow asked Dec 8, 2024 in Q&A · Answered

7
You must be logged in to vote

How to fix cross-spawn (package.json) vulnerability
triage/support Indicates an issue that is a support question.
nikunjworld asked Dec 9, 2024 in Q&A · Unanswered

7
You must be logged in to vote

Allow skipping scan on deployments with 0 desired replicas
kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning target/kubernetes Issues relating to kubernetes cluster scanning
abutransistor started Nov 21, 2024 in Ideas · Closed

6
You must be logged in to vote

False positive for gcp-service-account

tzurielweisberg started Dec 10, 2024 in False Detection

2
You must be logged in to vote

Azure - Storage Account - "HIGH: Network rules do not allow bypass for Microsoft Services."

AlexcFrench started Dec 5, 2024 in False Detection

5
You must be logged in to vote

aws scan: fatal rego_type_error: undefined function from content in the trivy cache
kind/bug Categorizes issue or PR as related to a bug.
tstraley started Dec 5, 2024 in Bugs

6
You must be logged in to vote

Provide Trivy as a Conan package
kind/feature Categorizes issue or PR as related to a new feature.
lukas-braune started Dec 6, 2024 in Ideas

3
You must be logged in to vote

Image Scans: SBOM generated by trivy does not contain license information for gobinary depedencies
triage/support Indicates an issue that is a support question.
seth-priya asked May 18, 2023 in Q&A · Unanswered

10
You must be logged in to vote

Scanning gradle.lockfile in image
triage/support Indicates an issue that is a support question.
marko-majcenic asked Dec 7, 2024 in Q&A · Unanswered

1
You must be logged in to vote

Scan Kubernetes Custom Resources?
triage/support Indicates an issue that is a support question.
tschran asked Oct 25, 2024 in Q&A · Unanswered

6
You must be logged in to vote

False negative: clamav 1.2.x is out of support, has vulnerabilities and is in Alpine 3.20 and is not detected
kind/security-advisory Categorizes issue or PR as related to security advisories.
kolbma started Dec 5, 2024 in False Detection · Closed

7
You must be logged in to vote

Support for dynamic VEX retrieval from "External References" of SBOMs
kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning
RingoDev started Dec 4, 2024 in Ideas

7
You must be logged in to vote

False detection for CVE-2024-45491 on Red Hat UBI8 and UBI9

jhebden-gl started Dec 6, 2024 in False Detection · Closed

2
You must be logged in to vote

META-INF pom is considered as a vulnerability
scan/vulnerability Issues relating to vulnerability scanning
o-shevchenko asked Dec 20, 2023 in Q&A · Unanswered

9
You must be logged in to vote

Paths don't work in .trivyignore.yaml
kind/bug Categorizes issue or PR as related to a bug.
salemgolemugoo started Dec 5, 2024 in Bugs

1
You must be logged in to vote

feat(vex): dependency tree checking with vex-repos
kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning
lbu-hlx started Nov 19, 2024 in Ideas

8
You must be logged in to vote

Incorrect SARIF File Generation by Trivy - GCP scanner
kind/bug Categorizes issue or PR as related to a bug. scan/misconfiguration Issues relating to misconfiguration scanning
obounaim started Dec 4, 2024 in Bugs · Closed

5
You must be logged in to vote

Document your CycloneDX Property Taxonomy
kind/documentation Categorizes issue or PR as related to documentation.
jkowalleck started Dec 5, 2024 in Documentation

0
You must be logged in to vote

CVSS-Tampering: GitHub creates incorrect CVSS v4 scores

AB-xdev started Dec 4, 2024 in False Detection

2
You must be logged in to vote

Trivy detects CVE in pom file even though the specific dependency has been upgraded to the fix version
kind/bug Categorizes issue or PR as related to a bug.
SemProvoost started Dec 3, 2024 in Bugs · Closed

1
You must be logged in to vote

When resolving Terraform modules from registry, Trivy does not utilize remote service discovery
kind/bug Categorizes issue or PR as related to a bug.
marcinbelczewski started Nov 21, 2024 in Bugs

6
You must be logged in to vote

Add ability to see that Trivy doesn't support detecting vulnerabilities in the found OS for json format
kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning target/container-image Issues relating to container image scanning
DmitriyLewen started Jun 20, 2024 in Ideas

3
You must be logged in to vote

Pipeline misconfiguration failures
triage/support Indicates an issue that is a support question.
marcomattoni asked Dec 4, 2024 in Q&A · Closed · Unanswered

4