trivy does not manage VEX attestation as expected with option --vex oci #9833

rcarre · 2025-11-20T13:40:16Z

rcarre
Nov 20, 2025

Description

Once I attached a VEX attestation to my OCI format image, command line trivy image --vex oci --show-suppressed does not display any suppressed CVE.

Instead, I get a I got this message:

INFO    [vex] No VEX attestations found type="oci" purl="pkg:oci/ccn-cnfoperator-img@sha256%3Ab1055be9a4f1cb8b9147cf6762ca12648fb1d71752a2ff486279efc18e95c758

I checked that the purl is matching but how to check type=oci ? Where is stored this information ?

Thanks for your support.

Desired Behavior

Running the command line with the local VEX file is working as expected: trivy image --vex my-local-file.json --show-suppressed

Total: 5 (HIGH: 5, CRITICAL: 0)

┌──────────────────────────────────┬────────────────┬──────────┬────────┬───────────────────┬────────────────┬──────────────────────────────────────────────────────────────┐
│             Library              │ Vulnerability  │ Severity │ Status │ Installed Version │ Fixed Version  │                            Title                             │
├──────────────────────────────────┼────────────────┼──────────┼────────┼───────────────────┼────────────────┼──────────────────────────────────────────────────────────────┤
│ github.com/containerd/containerd │ CVE-2024-25621 │ HIGH     │ fixed  │ v1.7.27           │ 1.7.29         │ containerd is an open-source container runtime. Versions     │
│                                  │                │          │        │                   │                │ 0.1.0 through ...                                            │
│                                  │                │          │        │                   │                │ https://avd.aquasec.com/nvd/cve-2024-25621                   │
├──────────────────────────────────┼────────────────┤          │        ├───────────────────┼────────────────┼──────────────────────────────────────────────────────────────┤
│ stdlib                           │ CVE-2025-58183 │          │        │ v1.24.4           │ 1.24.8, 1.25.2 │ golang: archive/tar: Unbounded allocation when parsing GNU   │
│                                  │                │          │        │                   │                │ sparse map                                                   │
│                                  │                │          │        │                   │                │ https://avd.aquasec.com/nvd/cve-2025-58183                   │
│                                  ├────────────────┤          │        │                   │                ├──────────────────────────────────────────────────────────────┤
│                                  │ CVE-2025-58186 │          │        │                   │                │ Despite HTTP headers having a default limit of 1MB, the      │
│                                  │                │          │        │                   │                │ number of...                                                 │
│                                  │                │          │        │                   │                │ https://avd.aquasec.com/nvd/cve-2025-58186                   │
│                                  ├────────────────┤          │        │                   ├────────────────┼──────────────────────────────────────────────────────────────┤
│                                  │ CVE-2025-58187 │          │        │                   │ 1.24.9, 1.25.3 │ Due to the design of the name constraint checking algorithm, │
│                                  │                │          │        │                   │                │ the proce...                                                 │
│                                  │                │          │        │                   │                │ https://avd.aquasec.com/nvd/cve-2025-58187                   │
│                                  ├────────────────┤          │        │                   ├────────────────┼──────────────────────────────────────────────────────────────┤
│                                  │ CVE-2025-58188 │          │        │                   │ 1.24.8, 1.25.2 │ Validating certificate chains which contain DSA public keys  │
│                                  │                │          │        │                   │                │ can cause ......                                             │
│                                  │                │          │        │                   │                │ https://avd.aquasec.com/nvd/cve-2025-58188                   │
└──────────────────────────────────┴────────────────┴──────────┴────────┴───────────────────┴────────────────┴──────────────────────────────────────────────────────────────┘

Suppressed Vulnerabilities (Total: 2)

┌─────────────────┬────────────────┬──────────┬──────────────┬──────────────────────────────────┬──────────────┐
│     Library     │ Vulnerability  │ Severity │    Status    │            Statement             │    Source    │
├─────────────────┼────────────────┼──────────┼──────────────┼──────────────────────────────────┼──────────────┤
│ helm.sh/helm/v3 │ CVE-2025-53547 │ HIGH     │ not_affected │ inline_mitigations_already_exist │ win-vex.json │
├─────────────────┼────────────────┤          │              │                                  │              │
│ stdlib          │ CVE-2025-47907 │          │              │                                  │              │
└─────────────────┴────────────────┴──────────┴──────────────┴──────────────────────────────────┴──────────────┘

Actual Behavior

Total: 7 (HIGH: 7, CRITICAL: 0)

┌──────────────────────────────────┬────────────────┬──────────┬────────┬───────────────────┬─────────────────┬──────────────────────────────────────────────────────────────┐
│             Library              │ Vulnerability  │ Severity │ Status │ Installed Version │  Fixed Version  │                            Title                             │
├──────────────────────────────────┼────────────────┼──────────┼────────┼───────────────────┼─────────────────┼──────────────────────────────────────────────────────────────┤
│ github.com/containerd/containerd │ CVE-2024-25621 │ HIGH     │ fixed  │ v1.7.27           │ 1.7.29          │ containerd is an open-source container runtime. Versions     │
│                                  │                │          │        │                   │                 │ 0.1.0 through ...                                            │
│                                  │                │          │        │                   │                 │ https://avd.aquasec.com/nvd/cve-2024-25621                   │
├──────────────────────────────────┼────────────────┤          │        ├───────────────────┼─────────────────┼──────────────────────────────────────────────────────────────┤
│ helm.sh/helm/v3                  │ CVE-2025-53547 │          │        │ v3.17.3           │ 3.18.4, 3.17.4  │ helm.sh/helm/v3: Helm Chart Code Execution                   │
│                                  │                │          │        │                   │                 │ https://avd.aquasec.com/nvd/cve-2025-53547                   │
├──────────────────────────────────┼────────────────┤          │        ├───────────────────┼─────────────────┼──────────────────────────────────────────────────────────────┤
│ stdlib                           │ CVE-2025-47907 │          │        │ v1.24.4           │ 1.23.12, 1.24.6 │ database/sql: Postgres Scan Race Condition                   │
│                                  │                │          │        │                   │                 │ https://avd.aquasec.com/nvd/cve-2025-47907                   │
│                                  ├────────────────┤          │        │                   ├─────────────────┼──────────────────────────────────────────────────────────────┤
│                                  │ CVE-2025-58183 │          │        │                   │ 1.24.8, 1.25.2  │ golang: archive/tar: Unbounded allocation when parsing GNU   │
│                                  │                │          │        │                   │                 │ sparse map                                                   │
│                                  │                │          │        │                   │                 │ https://avd.aquasec.com/nvd/cve-2025-58183                   │
│                                  ├────────────────┤          │        │                   │                 ├──────────────────────────────────────────────────────────────┤
│                                  │ CVE-2025-58186 │          │        │                   │                 │ Despite HTTP headers having a default limit of 1MB, the      │
│                                  │                │          │        │                   │                 │ number of...                                                 │
│                                  │                │          │        │                   │                 │ https://avd.aquasec.com/nvd/cve-2025-58186                   │
│                                  ├────────────────┤          │        │                   ├─────────────────┼──────────────────────────────────────────────────────────────┤
│                                  │ CVE-2025-58187 │          │        │                   │ 1.24.9, 1.25.3  │ Due to the design of the name constraint checking algorithm, │
│                                  │                │          │        │                   │                 │ the proce...                                                 │
│                                  │                │          │        │                   │                 │ https://avd.aquasec.com/nvd/cve-2025-58187                   │
│                                  ├────────────────┤          │        │                   ├─────────────────┼──────────────────────────────────────────────────────────────┤
│                                  │ CVE-2025-58188 │          │        │                   │ 1.24.8, 1.25.2  │ Validating certificate chains which contain DSA public keys  │
│                                  │                │          │        │                   │                 │ can cause ......                                             │
│                                  │                │          │        │                   │                 │ https://avd.aquasec.com/nvd/cve-2025-58188                   │
└──────────────────────────────────┴────────────────┴──────────┴────────┴───────────────────┴─────────────────┴──────────────────────────────────────────────────────────────┘

Reproduction Steps

1.JFrog Platform Enterprise Plus 7.98.19 rev 79819900 
2.Create a VEX file: my-local-vex.json
3.Attach the VEX attestation from command line :
cosign attest --predicate my-local-vex.json --type openvex my-oci-unstable.repos.jfrog.artifact.lab/ccn-cnfoperator-img@sha256:b1055be9a4f1cb8b9147cf6762ca12648fb1d71752a2ff486279efc18e95c758
`
4. I can check that the attestation is properly from the command line:
cosign verify-attestation my-oci-unstable.repos.jfrog.artifact.lab/ccn-cnfoperator-img@sha256:b1055be9a4f1cb8b9147cf6762ca12648fb1d71752a2ff486279efc18e95c758 --type openvex --certificate-identity=myId --certificate-oidc-issuer=https://github.com/login/oauth | jq -r '.payload' | base64 --decode | jq -r
5. Unlike trivy image scan with local VEX file, this command line does not show suppressed CVEs:
trivy image --vex oci --show-suppressed --server https://trivy.dos.tech.lab --severity HIGH,CRITICAL --ignore-unfixed --pkg-types os,library --exit-on-eol 1 --scanners my-oci-unstable.repos.jfrog.artifact.lab/ccn-cnfoperator-img@sha256:b1055be9a4f1cb8b9147cf6762ca12648fb1d71752a2ff486279efc18e95c758

Target

Container Image

Scanner

Vulnerability

Output Format

None

Mode

Client/Server

Debug Output

2025-11-20T14:37:23+01:00       DEBUG   No plugins loaded
2025-11-20T14:37:23+01:00       DEBUG   Default config file "file_path=trivy.yaml" not found, using built in values
2025-11-20T14:37:23+01:00       DEBUG   Cache dir       dir="/home/xxxx/.cache/trivy"
2025-11-20T14:37:23+01:00       DEBUG   Cache dir       dir="/home/xxxx/.cache/trivy"
2025-11-20T14:37:23+01:00       DEBUG   Parsed severities       severities=[HIGH CRITICAL]
2025-11-20T14:37:23+01:00       DEBUG   Ignore statuses statuses=[0 1 2 4 5 6 7]
2025-11-20T14:37:23+01:00       DEBUG   [pkg] Package types     types=[os library]
2025-11-20T14:37:23+01:00       DEBUG   [pkg] Package relationships     relationships=[unknown root workspace direct indirect]
2025-11-20T14:37:23+01:00       INFO    [vuln] Vulnerability scanning is enabled
2025-11-20T14:37:23+01:00       DEBUG   [notification] Running version check
2025-11-20T14:37:23+01:00       DEBUG   [notification] Version check completed  latest_version="0.67.2"
2025-11-20T14:37:24+01:00       DEBUG   [image] Image found     image="my-oci-unstable.repos.jfrog.artifact.lab/ccn-cnfoperator-img@sha256:b1055be9a4f1cb8b9147cf6762ca12648fb1d71752a2ff486279efc18e95c758" source="remote"
2025-11-20T14:37:24+01:00       DEBUG   Created process-specific temp directory path="/tmp/user/1000/trivy-149282"
2025-11-20T14:37:24+01:00       DEBUG   [image] Detected image ID       image_id="sha256:633b75c17f8bbfd3b085bfc85f01ee02cc7ef6ccbf1f760fb15f256e1c61ae25"
2025-11-20T14:37:24+01:00       DEBUG   [image] Detected diff ID        diff_ids=[sha256:7c76c8b384d5823f659d49db27f4e880ed1102c76e717160b9085855233135c8 sha256:bc20b96670742fb3960fa29572bd477bf72892d4ba702fa7943f5c9d74032327 sha256:a55edbc390b54ff67b96a5e9f7a05e68d7cf2d0ff003d2df148c70dff22a07e2 sha256:110d5492fe1be0cb74590e1c7ec32ac4532ac057c9525c9b35c6395bce5c2766 sha256:d1041b0fd2450df794193100c868b4f9a04a99ec4563c705b0870b53d0f25558 sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef]
2025-11-20T14:37:24+01:00       DEBUG   [image] Detected base layers    diff_ids=[]
2025-11-20T14:37:24+01:00       DEBUG   Specified ignore file does not exist    file=".trivyignore"
2025-11-20T14:37:25+01:00       INFO    [vex] No VEX attestations found type="oci" purl="pkg:oci/ccn-cnfoperator-img@sha256%3Ab1055be9a4f1cb8b9147cf6762ca12648fb1d71752a2ff486279efc18e95c758?arch=amd64&repository_url=my-oci-unstable.repos.jfrog.artifact.lab/ccn-cnfoperator-img"
2025-11-20T14:37:25+01:00       DEBUG   [vex] VEX filtering is disabled

Report Summary
manager (gobinary)

Total: 7 (HIGH: 7, CRITICAL: 0)

┌──────────────────────────────────┬────────────────┬──────────┬────────┬───────────────────┬─────────────────┬──────────────────────────────────────────────────────────────┐
│             Library              │ Vulnerability  │ Severity │ Status │ Installed Version │  Fixed Version  │                            Title                             │
├──────────────────────────────────┼────────────────┼──────────┼────────┼───────────────────┼─────────────────┼──────────────────────────────────────────────────────────────┤
│ github.com/containerd/containerd │ CVE-2024-25621 │ HIGH     │ fixed  │ v1.7.27           │ 1.7.29          │ containerd is an open-source container runtime. Versions     │
│                                  │                │          │        │                   │                 │ 0.1.0 through ...                                            │
│                                  │                │          │        │                   │                 │ https://avd.aquasec.com/nvd/cve-2024-25621                   │
├──────────────────────────────────┼────────────────┤          │        ├───────────────────┼─────────────────┼──────────────────────────────────────────────────────────────┤
│ helm.sh/helm/v3                  │ CVE-2025-53547 │          │        │ v3.17.3           │ 3.18.4, 3.17.4  │ helm.sh/helm/v3: Helm Chart Code Execution                   │
│                                  │                │          │        │                   │                 │ https://avd.aquasec.com/nvd/cve-2025-53547                   │
├──────────────────────────────────┼────────────────┤          │        ├───────────────────┼─────────────────┼──────────────────────────────────────────────────────────────┤
│ stdlib                           │ CVE-2025-47907 │          │        │ v1.24.4           │ 1.23.12, 1.24.6 │ database/sql: Postgres Scan Race Condition                   │
│                                  │                │          │        │                   │                 │ https://avd.aquasec.com/nvd/cve-2025-47907                   │
│                                  ├────────────────┤          │        │                   ├─────────────────┼──────────────────────────────────────────────────────────────┤
│                                  │ CVE-2025-58183 │          │        │                   │ 1.24.8, 1.25.2  │ golang: archive/tar: Unbounded allocation when parsing GNU   │
│                                  │                │          │        │                   │                 │ sparse map                                                   │
│                                  │                │          │        │                   │                 │ https://avd.aquasec.com/nvd/cve-2025-58183                   │
│                                  ├────────────────┤          │        │                   │                 ├──────────────────────────────────────────────────────────────┤
│                                  │ CVE-2025-58186 │          │        │                   │                 │ Despite HTTP headers having a default limit of 1MB, the      │
│                                  │                │          │        │                   │                 │ number of...                                                 │
│                                  │                │          │        │                   │                 │ https://avd.aquasec.com/nvd/cve-2025-58186                   │
│                                  ├────────────────┤          │        │                   ├─────────────────┼──────────────────────────────────────────────────────────────┤
│                                  │ CVE-2025-58187 │          │        │                   │ 1.24.9, 1.25.3  │ Due to the design of the name constraint checking algorithm, │
│                                  │                │          │        │                   │                 │ the proce...                                                 │
│                                  │                │          │        │                   │                 │ https://avd.aquasec.com/nvd/cve-2025-58187                   │
│                                  ├────────────────┤          │        │                   ├─────────────────┼──────────────────────────────────────────────────────────────┤
│                                  │ CVE-2025-58188 │          │        │                   │ 1.24.8, 1.25.2  │ Validating certificate chains which contain DSA public keys  │
│                                  │                │          │        │                   │                 │ can cause ......                                             │
│                                  │                │          │        │                   │                 │ https://avd.aquasec.com/nvd/cve-2025-58188                   │
└──────────────────────────────────┴────────────────┴──────────┴────────┴───────────────────┴─────────────────┴──────────────────────────────────────────────────────────────┘
2025-11-20T14:37:25+01:00       DEBUG   Cleaning up temp directory      path="/tmp/user/1000/trivy-149282"

Operating System

Ubuntu 24.04.3 LTS

Version

Version: 0.67.2
Vulnerability DB:
  Version: 2
  UpdatedAt: 2025-11-06 12:29:02.586671857 +0000 UTC
  NextUpdate: 2025-11-07 12:29:02.586671557 +0000 UTC
  DownloadedAt: 2025-11-06 16:12:49.442000452 +0000 UTC
Java DB:
  Version: 1
  UpdatedAt: 2025-10-07 00:54:58.256921666 +0000 UTC
  NextUpdate: 2025-10-10 00:54:58.256921426 +0000 UTC
  DownloadedAt: 2025-10-07 12:50:41.946790612 +0000 UTC

Checklist

Run trivy clean --all
Read the troubleshooting

DmitriyLewen · 2025-11-20T14:20:18Z

DmitriyLewen
Nov 20, 2025
Maintainer

Hello @rcarre

You can create report in CycloneDX format and check purl from metadata.component.purl field.

Regards, Dmitriy

1 reply

rcarre Nov 20, 2025
Author

Thx for your reply @DmitriyLewen
What you are suggesting is exactly what I did. I got this purl from CycloneDX format from key metadata.component.purl:

  "metadata": {
    "component": {
      "purl": "pkg:oci/ccn-cnfoperator-img@sha256%3Ab1055be9a4f1cb8b9147cf6762ca12648fb1d71752a2ff486279efc18e95c758?arch=amd64&repository_url=my-oci-unstable.repos.jfrog.artifact.lab%2Fccn-cnfoperator-img",
    }
  }

By the way, trivy is working fine with a local VEX file ... exactly the same which I attached & uploaded the attestation

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

trivy does not manage VEX attestation as expected with option --vex oci #9833

Uh oh!

{{title}}

Uh oh!

Replies: 1 comment 1 reply

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

trivy does not manage VEX attestation as expected with option --vex oci #9833

Uh oh!

rcarre Nov 20, 2025

Description

Desired Behavior

Actual Behavior

Reproduction Steps

Target

Scanner

Output Format

Mode

Debug Output

Operating System

Version

Checklist

Replies: 1 comment · 1 reply

Uh oh!

DmitriyLewen Nov 20, 2025 Maintainer

Uh oh!

rcarre Nov 20, 2025 Author

rcarre
Nov 20, 2025

Replies: 1 comment 1 reply

DmitriyLewen
Nov 20, 2025
Maintainer

rcarre Nov 20, 2025
Author