Constant "unable to load CVE from TrivyDB" warnings

[slitsevych]

I have a question regarding logs in trivy-plugin, it looks like that it cannot find most of the CVEs from the reports and it seems like it's looking for the details in https://github.com/aquasecurity/trivy-db-data/ repo which is outdated/deprecated? Or am I missing something and it is expected behavior?

1.7340032261579108e+09  warn    vulnr/service.go:41     unable to load CVE from TrivyDB {"cve": "NSWG-ECO-309", "error": "CVE not found"}
1.7340032261579626e+09  warn    vulnr/service.go:41     unable to load CVE from TrivyDB {"cve": "CVE-2021-23369", "error": "CVE not found"}
1.7340032261579804e+09  warn    vulnr/service.go:41     unable to load CVE from TrivyDB {"cve": "CVE-2021-23369", "error": "CVE not found"}
1.7340032261581635e+09  warn    vulnr/service.go:41     unable to load CVE from TrivyDB {"cve": "CVE-2019-10744", "error": "CVE not found"}
1.7340032261639462e+09  warn    vulnr/service.go:41     unable to load CVE from TrivyDB {"cve": "CVE-2018-20676", "error": "CVE not found"}
1.7340032261640828e+09  warn    vulnr/service.go:41     unable to load CVE from TrivyDB {"cve": "CVE-2018-20677", "error": "CVE not found"}
1.7340032261648746e+09  warn    vulnr/service.go:41     unable to load CVE from TrivyDB {"cve": "CVE-2020-7676", "error": "CVE not found"}
1.734003226165219e+09   warn    vulnr/service.go:41     unable to load CVE from TrivyDB {"cve": "CVE-2019-10744", "error": "CVE not found"}
1.734003226169582e+09   warn    vulnr/service.go:41     unable to load CVE from TrivyDB {"cve": "CVE-2020-36632", "error": "CVE not found"}
1.7340032261696231e+09  warn    vulnr/service.go:41     unable to load CVE from TrivyDB {"cve": "CVE-2021-3918", "error": "CVE not found"}
1.7340032262225082e+09  warn    vulnr/service.go:41     unable to load CVE from TrivyDB {"cve": "CVE-2022-21213", "error": "CVE not found"}
1.73400322622258e+09    warn    vulnr/service.go:41     unable to load CVE from TrivyDB {"cve": "CVE-2021-43138", "error": "CVE not found"}
1.7340032262239592e+09  warn    vulnr/service.go:41     unable to load CVE from TrivyDB {"cve": "NSWG-ECO-328", "error": "CVE not found"}
1.7340032262239969e+09  warn    vulnr/service.go:41     unable to load CVE from TrivyDB {"cve": "CVE-2021-23383", "error": "CVE not found"}
1.734003226253019e+09   warn    vulnr/service.go:41     unable to load CVE from TrivyDB {"cve": "CVE-2015-9251", "error": "CVE not found"}
1.7340032262530704e+09  warn    vulnr/service.go:41     unable to load CVE from TrivyDB {"cve": "NSWG-ECO-519", "error": "CVE not found"}
1.7340032262530842e+09  warn    vulnr/service.go:41     unable to load CVE from TrivyDB {"cve": "NSWG-ECO-519", "error": "CVE not found"}
1.7340032262585201e+09  warn    vulnr/service.go:41     unable to load CVE from TrivyDB {"cve": "CVE-2021-42740", "error": "CVE not found"}
1.7340032262871802e+09  warn    vulnr/service.go:41     unable to load CVE from TrivyDB {"cve": "CVE-2016-10540", "error": "CVE not found"}
1.7340032262881215e+09  warn    vulnr/service.go:41     unable to load CVE from TrivyDB {"cve": "CVE-2016-10540", "error": "CVE not found"}

[fjogeleit]

Hey, yes. Thats true. It should have a fallback to another API. But I will doublecheck how I can improve this part.