aquasecurity trivy Bugs Discussions
Bugs Discussions
Something doesn't work as expected
-
You must be logged in to vote Trivy 0.42.0 creates invalid cyclonedx
kind/bugCategorizes issue or PR as related to a bug. triage/duplicateIndicates an issue is a duplicate of other open issue. -
You must be logged in to vote Trivy 0.42.0 crashes with "unsupported type bitnami" message
kind/bugCategorizes issue or PR as related to a bug. -
You must be logged in to vote PNPM scanning is broken
kind/bugCategorizes issue or PR as related to a bug. -
You must be logged in to vote Scanning of pom files leads to wrong transitive dependencies
kind/bugCategorizes issue or PR as related to a bug. -
You must be logged in to vote Issue with files array in v0.41.0
kind/bugCategorizes issue or PR as related to a bug. -
You must be logged in to vote semaphore acquire: context deadline exceeded
kind/bugCategorizes issue or PR as related to a bug. -
You must be logged in to vote Genetic Sequences are recognized as AWS keys
kind/bugCategorizes issue or PR as related to a bug. help wantedDenotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. good first issueDenotes an issue ready for a new contributor, according to the "help wanted" guidelines. -
You must be logged in to vote Incorrect mapping of Applicable versions for CVE-2023-28858 & CVE-2023-28859
kind/bugCategorizes issue or PR as related to a bug. -
You must be logged in to vote Trivy terraform misconfiguration scan not picking up files one directory below another file.
kind/bugCategorizes issue or PR as related to a bug. lifecycle/staleDenotes an issue or PR has remained open with no activity and will be auto-closed. scan/misconfigurationIssues relating to misconfiguration scanning -
You must be logged in to vote trivy does not report AVD-AZU-0011 where tfsec does
kind/bugCategorizes issue or PR as related to a bug. scan/misconfigurationIssues relating to misconfiguration scanning -
You must be logged in to vote CycloneDX output can contain duplicate
kind/bugdependsOnitems, making the BOM invalidCategorizes issue or PR as related to a bug. -
You must be logged in to vote Platform flag is being ignored when scanning an image
kind/bugCategorizes issue or PR as related to a bug. -
You must be logged in to vote --file-patterns doesn't match kubernetes manifests
kind/bugCategorizes issue or PR as related to a bug. scan/misconfigurationIssues relating to misconfiguration scanning target/filesystemIssues relating to filesystem scanning -
You must be logged in to vote False alarm of USER command in Dockerfile for docker-cis compliance
kind/bugCategorizes issue or PR as related to a bug. -
You must be logged in to vote license information of several components is incorrect when creating sbom
kind/bugCategorizes issue or PR as related to a bug. -
You must be logged in to vote trivy do not scan vulnerabilities on
kind/bugtrivy k8s ...sub commandCategorizes issue or PR as related to a bug. -
You must be logged in to vote Addeding an OCI referrer using aquasecurity/trivy-plugin-referrer fails with "goroutine stack exceeds 1000000000-byte limit"
kind/bugCategorizes issue or PR as related to a bug. -
You must be logged in to vote timeout is not working as expected
kind/bugCategorizes issue or PR as related to a bug. lifecycle/staleDenotes an issue or PR has remained open with no activity and will be auto-closed. -
You must be logged in to vote Trivy can hang if an error occurs scanning a container image with --slow option
kind/bugCategorizes issue or PR as related to a bug. -
You must be logged in to vote multiple secrets in the same line not detected properly
kind/bugCategorizes issue or PR as related to a bug. scan/secretIssues relating to secret scanning -
You must be logged in to vote File Location Missing in Licence Scan Output
kind/bugCategorizes issue or PR as related to a bug. -
You must be logged in to vote Vulnerabilities identified in a scan using Trivy can differ depending on whether an image or an SBOM is used.
kind/bugCategorizes issue or PR as related to a bug. -
You must be logged in to vote FATAL: get k8s artifacts with node info error: failed listing resources for gvr: apps/v1, Resource=deployments - Get "https://17445F7FD07FE5246FBFE67AD1C0AEC7.gr7.ap-northeast-1.eks.amazonaws.com/apis/apps/v1/deployments": getting credentials: exec: executable aws failed with exit code 255
kind/bugCategorizes issue or PR as related to a bug. -
You must be logged in to vote Ingress-nginx "server-tokens" parameter reported as unsafe
kind/bugCategorizes issue or PR as related to a bug. lifecycle/staleDenotes an issue or PR has remained open with no activity and will be auto-closed. scan/misconfigurationIssues relating to misconfiguration scanning -
You must be logged in to vote BUG: Non-fatal permissions errors for files in /etc when Trivy container is run as non-root
kind/bugCategorizes issue or PR as related to a bug. lifecycle/staleDenotes an issue or PR has remained open with no activity and will be auto-closed.
