aquasecurity trivy Q A · Discussions · GitHub

Share with us your favourite part about Trivy
Adopters AnaisUrlichs

Sort by: Latest activity

Q&A Discussions

Ask the community for help

You must be logged in to vote

trivy does not manage VEX attestation as expected with option --vex oci
triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning
rcarre asked Nov 20, 2025 in Q&A · Unanswered

14
You must be logged in to vote

Override built-in check severity
triage/support Indicates an issue that is a support question. scan/misconfiguration Issues relating to misconfiguration scanning
jamesrwhite asked Nov 10, 2025 in Q&A · Unanswered

2
You must be logged in to vote

Why is component.evidence.occurrences.location not populated in CycloneDX SBOMs?
triage/support Indicates an issue that is a support question.
3nol asked Nov 19, 2025 in Q&A · Closed · Answered

1
You must be logged in to vote

downloadLocation is almost always NONE in SPDX format
triage/support Indicates an issue that is a support question.
apenumacha asked Nov 18, 2025 in Q&A · Unanswered

1
You must be logged in to vote

IgnorePolicy

WineBarProstejov asked Nov 12, 2025 in Q&A · Closed · Unanswered

1
You must be logged in to vote

Multiple CVEs reported in Trivy 0.67.2 - are any exploitable?
triage/support Indicates an issue that is a support question.
candrews asked Nov 17, 2025 in Q&A · Unanswered

1
You must be logged in to vote

Error "semaphore acquire: context deadline exceeded" when running Trivy fs scan on WildFly repository
triage/support Indicates an issue that is a support question.
pooja0805 asked Nov 3, 2025 in Q&A · Unanswered

17
You must be logged in to vote

Ignoring misconfigurations for specific K8s resources
triage/support Indicates an issue that is a support question.
fgreinacher asked Feb 28, 2025 in Q&A · Unanswered

9
You must be logged in to vote

CycloneDX SBOM components > scope field
triage/support Indicates an issue that is a support question.
nigellh asked Nov 11, 2025 in Q&A · Unanswered

4
You must be logged in to vote

Is trivy fs --list-all-pkgs suppose to show excluded transitive vulnerabilities?
triage/support Indicates an issue that is a support question.
mjia265 asked Nov 6, 2025 in Q&A · Unanswered

1
You must be logged in to vote

Unable to ignore OS packages by name
triage/support Indicates an issue that is a support question.
rungitringit asked Oct 28, 2025 in Q&A · Answered

26
You must be logged in to vote

Terraform raw and json schema examples
triage/support Indicates an issue that is a support question.
micsinyei asked Oct 27, 2025 in Q&A · Answered

3
You must be logged in to vote

Need support with severity selection
triage/support Indicates an issue that is a support question.
hexkoda asked Oct 31, 2025 in Q&A · Closed · Answered

2
You must be logged in to vote

How to scan a single fat jar file
triage/support Indicates an issue that is a support question.
apollo13 asked Oct 27, 2025 in Q&A · Closed · Answered

2
You must be logged in to vote

false detection in alpine latest docker images
triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning
arunvc asked Oct 23, 2025 in Q&A · Unanswered

3
You must be logged in to vote

Recently released etcd v3.4.38 gives a false positive
triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning
ivanvc asked Oct 22, 2025 in Q&A · Answered

3
You must be logged in to vote

start scan without internet connection
triage/support Indicates an issue that is a support question.
LuckichS asked Oct 22, 2025 in Q&A · Closed · Answered

7
You must be logged in to vote

trivy scan prints different results on simultaneous scans
triage/support Indicates an issue that is a support question.
RomanenkoDenys asked Oct 19, 2025 in Q&A · Unanswered

13
You must be logged in to vote

Trivy doesn't detect open CVEs for conan (1) dependencies (for example related to pcre2)
triage/support Indicates an issue that is a support question.
szigetics asked Oct 20, 2025 in Q&A · Unanswered

1
You must be logged in to vote

Vendor Severity missing for findings from Go Vulnerability Database govulndb
triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning
oallauddin asked Oct 15, 2025 in Q&A · Unanswered

3
You must be logged in to vote

bug: Java DB update is required when generating SBOMs of images containing Java packages
triage/support Indicates an issue that is a support question.
fabriziosestito asked Oct 15, 2025 in Q&A · Answered

2
You must be logged in to vote

Why trivy can't detect vuls when python requirements.txt files use '>=' to specify package version?
triage/support Indicates an issue that is a support question.
zkhzkhz asked Oct 14, 2025 in Q&A · Closed · Answered

2
You must be logged in to vote

Cannot build from source
triage/support Indicates an issue that is a support question.
clin1234 asked Oct 10, 2025 in Q&A · Closed · Answered

1
You must be logged in to vote

CVE-2025-49844 Redis vulnerability score 10.0 not detected
triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning
bedla asked Oct 6, 2025 in Q&A · Answered

8
You must be logged in to vote

Need clarification OS Vendor vs programming langage
triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning
sekveaja asked Oct 6, 2025 in Q&A · Unanswered

1