Support for scanning images with redhat 10.1 based images #10194
Replies: 2 comments 1 reply
-
|
Hello @Sahasra-Sagiraju
Regarding the discovered vulnerabilities, are you sure they are OS package vulnerabilities and not language package vulnerabilities? At the moment, Trivy does not support vulnerability scanning for Red Hat 10 RPM packages. Regards, Dmitriy |
Beta Was this translation helpful? Give feedback.
-
You're right. The vulnerabilities found were indeed related to langauge related packages and not OS packages. On a side note, does trivy have any tentative date by when they might support scanning Redhat 10.x OS vulnerabilities? Regards, |
Beta Was this translation helpful? Give feedback.
-
|
Currently, there are several open issues blocking the integration of CSAF VEX into trivy-db. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Hi trivy team,
I was trivy v0.60.0 while trying to scan images with redhat 10.1 base images and got the error saying it was unable to find CPE indices along with a link to GitHub issue
aquasecurity/trivy-db#435
Where it was said trivy doesn't support redhat 10 image scanning yet.
The doc here:
https://trivy.dev/docs/latest/coverage/os/#supported-os
Only lists sbom creation for images with redhat 10.x OS
But when I try with v0.69.1, vulnerability scanning also works. And sbom creation happens. But for some reason, I see vulnerabilities array is empty in the sbom reports, while the vulnerability report shows a few vulnerabilities.
Does trivy fully support scanning redhat 10 images now with the v0.69.1 binary?
Regards,
Sahasra
Beta Was this translation helpful? Give feedback.
All reactions