Discussions

• 1 You must be logged in to vote

  💡

  How about making trivy available as a pypi.org package?

  kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning target/filesystem Issues relating to filesystem scanning

  seebi started May 14, 2025 in Ideas

  

  

  2
• 1 You must be logged in to vote

  🐛

  Failing a --download-db-only run, deletes db/metadata.json, causing consequent --skip-db-update scans to fail.

  kind/bug Categorizes issue or PR as related to a bug.

  Mikael-Gustavsson started Apr 28, 2025 in Bugs

  

  

  

  

  5
• 8 You must be logged in to vote

  🐛

  bug(vm): running vuln scan on AWS EC2 AMI getting "Supported files for scanner(s) not found" and "OS is not detected"

  kind/bug Categorizes issue or PR as related to a bug. target/vm Issues relating to virtual machine scanning

  richhobbs started Mar 27, 2025 in Bugs

  

  

  1
• 2 You must be logged in to vote

  🐛

  Trivy not detecting wildcards in policy

  hirra-farooq started Nov 6, 2024 in Bugs · Closed

  

  

  

  

  14
• 1 You must be logged in to vote

  🐛

  Panic on scanning images with absent vex attestations.

  kind/bug Categorizes issue or PR as related to a bug.

  RomanenkoDenys started May 12, 2025 in Bugs · Closed

  

  

  4
• 1 You must be logged in to vote

  🔎

  [CVE-2025-31651] tomcat embeded transitive dependency from spring boot

  PrzemekW294 started May 8, 2025 in False Detection

  

  

  1
• 6 You must be logged in to vote

  🐛

  Unknown licenses not detected which are defined in the configuration

  kind/bug Categorizes issue or PR as related to a bug.

  mymichu started May 8, 2025 in Bugs · Closed

  

  

  1
• 1 You must be logged in to vote

  👨‍💻

  a Linux OS packages vulnerabilities from OSV database?

  i-bs started Apr 24, 2025 in Development · Closed

  

  

  2
• 4 You must be logged in to vote

  🐛

  Checks can't be ignored with long-form IDs in .trivyignore

  kind/bug Categorizes issue or PR as related to a bug.

  nekketsuuu started May 9, 2025 in Bugs

  

  

  4
• 2 You must be logged in to vote

  🙏

  How to scan container images in ECR in aws account?

  pritam-yadu asked Mar 3, 2023 in Q&A · Closed · Unanswered

  

  

  

  

  6
• 3 You must be logged in to vote

  💡

  Add support for podman in daemon-less mode (without podman.sock)

  kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning target/container-image Issues relating to container image scanning

  nicolaevladescu started Jan 20, 2025 in Ideas

  

  

  

  

  10
• 2 You must be logged in to vote

  💡

  Revisit AVD-AWS-0088 aws-s3-enable-bucket-encryption

  kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning target/cloud Issues relating to cloud account scanning

  nekketsuuu started May 9, 2025 in Ideas

  

  

  0
• 1 You must be logged in to vote

  🙏

  Trivy should support scanning podman images in daemon-less mode, without requiring podman.sock

  triage/support Indicates an issue that is a support question.

  nicolaevladescu asked Jan 17, 2025 in Q&A · Closed · Unanswered

  

  

  

  

  2
• 1 You must be logged in to vote

  🙏

  Filtering of system installed files

  triage/support Indicates an issue that is a support question.

  sakky016 asked Apr 29, 2025 in Q&A · Answered

  

  

  

  

  3
• 1 You must be logged in to vote

  🐛

  panic: can't use ElementIterator on unknown value

  kind/bug Categorizes issue or PR as related to a bug.

  joaquin386 started May 6, 2025 in Bugs · Closed

  

  

  2
• 1 You must be logged in to vote

  🐛

  AMI scan fails when AMI contains a block device file

  kind/bug Categorizes issue or PR as related to a bug.

  mpoindexter started May 6, 2025 in Bugs

  

  

  0
• 1 You must be logged in to vote

  📢

  v0.62.1

  aqua-bot announced May 6, 2025 in Announcements

  

  

  0
• 1 You must be logged in to vote

  🐛

  The result of scanning sbom generated by trivy seems wrong

  kind/bug Categorizes issue or PR as related to a bug.

  quinzhi started Apr 21, 2025 in Bugs

  

  

  

  

  3
• 1 You must be logged in to vote

  💡

  Trivy fails to scan Dockerfile with 1.7-labs version syntax

  kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning

  nikpivkin started May 6, 2025 in Ideas

  

  

  2
• 2 You must be logged in to vote

  🐛

  scan fails when we have variables without default values.

  kind/bug Categorizes issue or PR as related to a bug.

  Aashiq-J started May 6, 2025 in Bugs · Closed

  

  

  1
• 4 You must be logged in to vote

  📢

  BREAKING CHANGE: Disable scanning OS packages in fs mode

  DmitriyLewen announced May 6, 2025 in Announcements

  

  

  1
• 3 You must be logged in to vote

  🐛

  Trivy is crashing with "panic: runtime error: invalid memory address or nil pointer dereference" when scanning for HIGH/CRIT vulnerabilities

  kind/bug Categorizes issue or PR as related to a bug.

  gregory-hive started Mar 12, 2025 in Bugs

  

  

  

  

  47
• 1 You must be logged in to vote

  🙏

  Clarification on CSAF VEX feature

  triage/support Indicates an issue that is a support question.

  gost-serb asked Apr 14, 2025 in Q&A · Unanswered

  

  

  

  

  6
• 1 You must be logged in to vote

  🐛

  Panic in 0.62: panic: can't use ElementIterator on unknown value

  kind/bug Categorizes issue or PR as related to a bug.

  acdha started May 5, 2025 in Bugs · Closed

  

  

  2
• 2 You must be logged in to vote

  🔎

  Red Hat 8.6 EUS False positives

  wagde-orca started Jan 5, 2025 in False Detection · Closed

  

  

  7