aquasecurity trivy · Discussions · GitHub

Trivy security incident 2026-03-01
Announcements itaysk

Discussions

You must be logged in to vote

False positives when running a scan from a filesystem or a SBOM
kind/bug Categorizes issue or PR as related to a bug. scan/vulnerability Issues relating to vulnerability scanning scan/sbom Issues relating to SBOM
athiol started Feb 8, 2023 in False Detection

2
You must be logged in to vote

Trivy unable to fs scan with RPM on SLES
triage/support Indicates an issue that is a support question.
paul25w asked Mar 10, 2026 in Q&A · Unanswered

1
You must be logged in to vote

Trivy v0.69.2 fails to scan python:3.12.13-slim with invalid tar header
kind/bug Categorizes issue or PR as related to a bug. target/container-image Issues relating to container image scanning
akashkumar975 started Mar 7, 2026 in Bugs

4
You must be logged in to vote

Custom APK added on top of a chainguard built wolfi image leads to not scanning the underlying binary
scan/vulnerability Issues relating to vulnerability scanning target/container-image Issues relating to container image scanning
devinbfergy asked Mar 10, 2026 in Q&A · Unanswered

1
You must be logged in to vote

trivy is failing without any error
triage/support Indicates an issue that is a support question.
sg-mkparasar asked Mar 10, 2026 in Q&A · Unanswered

1
You must be logged in to vote

Feature: Option to use CVSS 4.0 for severity classification when available
kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning target/container-image Issues relating to container image scanning
nitishtw started Mar 11, 2026 in Ideas

0
You must be logged in to vote

trivy can't find the pubspec.lock file in a container image
scan/vulnerability Issues relating to vulnerability scanning target/container-image Issues relating to container image scanning
kimsungmin1 asked Mar 9, 2026 in Q&A · Unanswered

2
You must be logged in to vote

Nil Pointer Dereference in Terraform Plan JSON Parser
kind/bug Categorizes issue or PR as related to a bug.
pxp928 started Mar 9, 2026 in Bugs

3
You must be logged in to vote

package-lock.json with invalid license array causes the whole file to be skipped
triage/support Indicates an issue that is a support question. scan/license Issues relating to license scanning
silverwind asked Feb 2, 2026 in Q&A · Unanswered

13
You must be logged in to vote

Trivy security incident 2026-03-01

itaysk announced Mar 1, 2026 in Announcements

97
You must be logged in to vote

Trivy Ignore Alias only allowed upper case
kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning target/cloud Issues relating to cloud account scanning
commodore-84 started Feb 26, 2026 in Bugs

1
You must be logged in to vote

Support for Perl
kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning
AndreyMZ started Mar 5, 2026 in Ideas

0
You must be logged in to vote

v0.69.3

aqua-bot announced Mar 3, 2026 in Announcements

2
You must be logged in to vote

Unable to generate SBOM for VMDK: failed to parse disk descriptor
kind/bug Categorizes issue or PR as related to a bug.
fad3t started Mar 4, 2026 in Bugs

0
You must be logged in to vote

Q & A
triage/support Indicates an issue that is a support question.
gideonekpenyong00-dot asked Feb 10, 2026 in Q&A · Unanswered

5
You must be logged in to vote

mssql-jdbc - potential false positive on CVE-2025-59250 with mssql-jdbc 12.2.1.jre11

concreted started Nov 4, 2025 in False Detection

15
You must be logged in to vote

Parsing Gradle verification-metadata.xml files
kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning
NordCoderd started Mar 3, 2026 in Ideas

0
You must be logged in to vote

Flag to filter non-vulnerabilities
kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning target/container-image Issues relating to container image scanning
ogmueller started Mar 3, 2026 in Ideas

0
You must be logged in to vote

Scan GitHub Actions workflows for misconfiguration issues
kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning target/repository Issues relating to VCS repository scanning
nicwortel started Mar 2, 2026 in Ideas

2
You must be logged in to vote

Helm chart trivy the java-db is missing no update like normal DB
triage/support Indicates an issue that is a support question.
marinhio75 asked Feb 12, 2026 in Q&A · Unanswered

7
You must be logged in to vote

Add support for misconfig to apko
kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning target/container-image Issues relating to container image scanning
felipeng started Feb 18, 2026 in Ideas

1
You must be logged in to vote

v0.69.2

aqua-bot announced Mar 1, 2026 in Announcements

0
You must be logged in to vote

WASM module memory leak: free() called with wrong number of arguments
kind/bug Categorizes issue or PR as related to a bug.
MisLink started Feb 28, 2026 in Bugs

0
You must be logged in to vote

Share with us your favourite part about Trivy

AnaisUrlichs started Jan 9, 2024 in Adopters

28
You must be logged in to vote

how we can scan images without proxy
triage/support Indicates an issue that is a support question.
jainpratik163 asked Feb 21, 2026 in Q&A · Unanswered

4