aquasecurity trivy Q-a Discussions
Q&A Discussions
Ask the community for help
-
You must be logged in to vote how we can ignore false positive alerts in trivy
triage/supportIndicates an issue that is a support question. -
You must be logged in to vote Dev for trivy-azure-pipelines-task?
triage/supportIndicates an issue that is a support question. -
You must be logged in to vote Trivy wrongly flagging positive alerts to CVEs in the fixed version of Go library.
scan/vulnerabilityIssues relating to vulnerability scanning -
You must be logged in to vote Is it intentional that unreviewed vulnerabilities from GitHub Advisory Database are reported on?
scan/vulnerabilityIssues relating to vulnerability scanning -
You must be logged in to vote Can trivy generate deterministic json?
triage/supportIndicates an issue that is a support question. -
You must be logged in to vote how to find packagePath while scaning docker image
scan/vulnerabilityIssues relating to vulnerability scanning target/container-imageIssues relating to container image scanning -
You must be logged in to vote False positive CVE-2026-2603 — keycloak-server-spi-private 26.2.14 flagged but Red Hat backported the fix
triage/supportIndicates an issue that is a support question. -
You must be logged in to vote Why does Trivy report far more vulnerabilities than Vuls when scanning the same Linux system?
triage/supportIndicates an issue that is a support question. -
You must be logged in to vote VEX SBOM Reference pointing to a private git repository
triage/supportIndicates an issue that is a support question. -
You must be logged in to vote Security report to https://github.com/aquasecurity/trivy/security
triage/supportIndicates an issue that is a support question. -
You must be logged in to vote Comparison between OSV-Scanner and Trivy
triage/supportIndicates an issue that is a support question. -
You must be logged in to vote Trivy does not include Spring Boot 4.0.4+ JAR in SBOM
scan/vulnerabilityIssues relating to vulnerability scanning -
You must be logged in to vote Questions about pinning Trivy version ?
triage/supportIndicates an issue that is a support question. -
You must be logged in to vote False positive: CVE-2025-66418, CVE-2025-66471, python3-urllib3, CVE-2026-21441
triage/supportIndicates an issue that is a support question. -
You must be logged in to vote Trivy can't find package outside of package managers while syft find it
triage/supportIndicates an issue that is a support question. -
You must be logged in to vote Trivy unable to fs scan with RPM on SLES
triage/supportIndicates an issue that is a support question. -
You must be logged in to vote Custom APK added on top of a chainguard built wolfi image leads to not scanning the underlying binary
scan/vulnerabilityIssues relating to vulnerability scanning target/container-imageIssues relating to container image scanning -
You must be logged in to vote trivy is failing without any error
triage/supportIndicates an issue that is a support question. -
You must be logged in to vote trivy can't find the pubspec.lock file in a container image
scan/vulnerabilityIssues relating to vulnerability scanning target/container-imageIssues relating to container image scanning -
You must be logged in to vote Q & A
triage/supportIndicates an issue that is a support question. -
You must be logged in to vote Helm chart trivy the java-db is missing no update like normal DB
triage/supportIndicates an issue that is a support question. -
You must be logged in to vote how we can scan images without proxy
triage/supportIndicates an issue that is a support question. -
You must be logged in to vote Unable to parse container in AKS
triage/supportIndicates an issue that is a support question. -
You must be logged in to vote Support for scanning images with redhat 10.1 based images
triage/supportIndicates an issue that is a support question. scan/vulnerabilityIssues relating to vulnerability scanning
