Discussions

• 1 You must be logged in to vote

  💡

  Image scan with native application (multiple BOMs attached to OCI image)

  kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning

  bedla started Mar 13, 2025 in Ideas

  

  

  0
• 1 You must be logged in to vote

  🙏

  failing to detect multiple vulnerable Java dependencies / JARs

  triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning

  mbrancato asked Mar 12, 2025 in Q&A · Unanswered

  

  

  5
• 1 You must be logged in to vote

  🙏

  False positive: CVE-2024-1233, CVE-2023-6263, CVE-2024-5971, CVE-2024-7885 on jar file

  triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning

  sekveaja asked Mar 12, 2025 in Q&A · Unanswered

  

  

  1
• 1 You must be logged in to vote

  💡

  SPDX 3?

  kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning

  rossburton started Mar 5, 2025 in Ideas

  

  

  1
• 1 You must be logged in to vote

  🙏

  CVE-2024-38095 - nuget (powershell)

  triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning scan/sbom Issues relating to SBOM

  joewragg asked Sep 13, 2024 in Q&A · Unanswered

  

  

  

  

  5
• 1 You must be logged in to vote

  💡

  Add support for the Mageia distribution

  kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning target/filesystem Issues relating to filesystem scanning

  dfandrich started Feb 15, 2025 in Ideas

  

  

  2
• 5 You must be logged in to vote

  🙏

  CVE Detection on VSCode Extension

  triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning

  raghur-orca asked Feb 13, 2024 in Q&A · Unanswered

  

  

  

  

  10
• 1 You must be logged in to vote

  🙏

  Vulnerability scans of splunk-library-javalogging 1.11.8 produce no findings where Maven has high CVEs

  triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning

  AustinIvey asked Feb 4, 2025 in Q&A · Answered

  

  

  1
• 1 You must be logged in to vote

  🙏

  .NET CVEs not detected

  triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning

  dmduggan asked Jan 24, 2025 in Q&A · Unanswered

  

  

  1
• 1 You must be logged in to vote

  💡

  Support for dynamic VEX retrieval from "External References" of SBOMs

  kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning

  RingoDev started Dec 4, 2024 in Ideas

  

  

  

  

  15
• 2 You must be logged in to vote

  💡

  Add support for podman in daemon-less mode (without podman.sock)

  kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning target/container-image Issues relating to container image scanning

  nicolaevladescu started Jan 20, 2025 in Ideas

  

  

  0
• 1 You must be logged in to vote

  🙏

  Trivy Scan of Java pom.xml breaks

  triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning

  Orrimp asked Dec 13, 2024 in Q&A · Unanswered

  

  

  3
• 1 You must be logged in to vote

  🙏

  How can we avoid having a CVE multiple times ?

  kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning target/container-image Issues relating to container image scanning

  TheTricky65 asked Dec 12, 2024 in Q&A · Unanswered

  

  

  1
• 1 You must be logged in to vote

  🙏

  META-INF pom is considered as a vulnerability

  scan/vulnerability Issues relating to vulnerability scanning

  o-shevchenko asked Dec 20, 2023 in Q&A · Unanswered

  

  

  9
• 1 You must be logged in to vote

  💡

  feat(vex): dependency tree checking with vex-repos

  kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning

  lbu-hlx started Nov 19, 2024 in Ideas

  

  

  

  

  8
• 2 You must be logged in to vote

  💡

  Provide support to add parameter either to specify location of settings.xml or provide a way to share settings id when running Trivy Scans

  kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning target/filesystem Issues relating to filesystem scanning

  arkajnag23 started Dec 3, 2024 in Ideas

  

  

  0
• 1 You must be logged in to vote

  🙏

  trivy image doesn't scan conda environment files

  triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning

  duncanmmacleod asked Nov 20, 2024 in Q&A · Answered

  

  

  

  

  8
• 1 You must be logged in to vote

  💡

  Support scanning conda environments with arbitrary prefix

  kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning target/container-image Issues relating to container image scanning

  duncanmmacleod started Nov 21, 2024 in Ideas

  

  

  0
• 1 You must be logged in to vote

  🙏

  Inconsistent results between SBOM generated by syft and direct trivy image scan

  triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning

  Sinderella asked Nov 1, 2024 in Q&A · Answered

  

  

  1
• 1 You must be logged in to vote

  💡

  Supporting pull-through registry cache/proxy for OCI database

  kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning target/container-image Issues relating to container image scanning

  Patrick-Remy started Oct 29, 2024 in Ideas

  

  

  

  

  3
• 1 You must be logged in to vote

  💡

  Trivy should support reporting the end of life date for Ubuntu 24.10

  kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning target/container-image Issues relating to container image scanning

  itsdean started Oct 24, 2024 in Ideas

  

  

  0
• 1 You must be logged in to vote

  🙏

  Trivy not detecting a known CVE (traefik)

  triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning

  mcarbonne asked Oct 15, 2024 in Q&A · Unanswered

  

  

  1
• 1 You must be logged in to vote

  💡

  List all known vulnerabilities CVEs in the database

  kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning

  huornlmj started Oct 1, 2024 in Ideas

  

  

  1
• 1 You must be logged in to vote

  🙏

  Trivy unable to detect ELSA based fixes for Go lang binaries

  triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning

  navzen2000 asked Oct 9, 2024 in Q&A · Unanswered

  

  

  3
• 1 You must be logged in to vote

  🙏

  dotnet dependencies CVE not found in trivy image scan

  triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning

  jmonsma asked Oct 9, 2024 in Q&A · Unanswered

  

  

  1