aquasecurity trivy False Detection · Discussions · GitHub

Sort by: Latest activity

Categories

False Detection Discussions

False positives/negatives

You must be logged in to vote

Misconfig of AVD-AWS-0057 with format function not detecting

rangamani54 started Mar 5, 2024 in False Detection · Closed

4
You must be logged in to vote

False detection for S3 encryption (AVD-AWS-0088)

nathanbowang started Sep 27, 2023 in False Detection · Closed

3
You must be logged in to vote

Trivy can't find installed version when scanning images of SpringBoot app

ASarco started Dec 11, 2023 in False Detection

8
You must be logged in to vote

Trivy can't find vulnerable transitive dependency on an image

ASarco started Feb 23, 2024 in False Detection · Closed

8
You must be logged in to vote

AWS Cloudfront Use Secure Tls Policy is not being detected

felipeng started Feb 26, 2024 in False Detection

4
You must be logged in to vote

Terraform modules

lmal54321 started Feb 14, 2024 in False Detection · Closed

3
You must be logged in to vote

Trivy not detecting CVE 2022-37734, 2023-28867, 2024-22233 in jar file

pcbadger started Feb 6, 2024 in False Detection

3
You must be logged in to vote

image misconfiguration incorrect reports "You should use COPY instead of ADD"
scan/misconfiguration Issues relating to misconfiguration scanning
candrews started Jan 17, 2024 in False Detection · Closed

3
You must be logged in to vote

Trivy incorrectly reports vulnerability for non-affected version of logj4j-core CVE-2020-9488
kind/security-advisory Categorizes issue or PR as related to security advisories. scan/vulnerability Issues relating to vulnerability scanning
levinebw started Feb 3, 2024 in False Detection · Closed

5
You must be logged in to vote

bug(misconf): False Positive detection for AVD-AWS-0088

yama-6 started Jan 31, 2024 in False Detection · Closed

1
You must be logged in to vote

CVE-2023-25330 vulnerability has false positives
scan/vulnerability Issues relating to vulnerability scanning
zangcc started Jan 23, 2024 in False Detection

7
You must be logged in to vote

False postive on Debian images

Oneiroi started Jan 24, 2024 in False Detection

0
You must be logged in to vote

mybatis-plus >= 3.5.3.1 but got CVE-2023-25330
triage/duplicate Indicates an issue is a duplicate of other open issue.
nicliuqi started Jan 23, 2024 in False Detection · Closed

1
You must be logged in to vote

[Secret scanning] Trivy mistakenly reports gpg/RSA key hash contained in README (Markdown) as "AWS secret access key"

codethief started Jan 19, 2024 in False Detection · Closed

1
You must be logged in to vote

False positive for CVE-2023-51074

onobc started Jan 17, 2024 in False Detection · Closed

2
You must be logged in to vote

image misconfiguration incorrect reports COPY command has more than two arguments
scan/misconfiguration Issues relating to misconfiguration scanning
candrews started Jan 17, 2024 in False Detection

3
You must be logged in to vote

false negative avd-gcp-0056 with terraform dynamic blocks
scan/misconfiguration Issues relating to misconfiguration scanning
pawelmrowka started Jan 4, 2024 in False Detection · Closed

1
You must be logged in to vote

bug(secret): AWS Secret detection detects strings of 40 characters as false positive
scan/secret Issues relating to secret scanning
christiangonre started Jan 4, 2024 in False Detection · Closed

1
You must be logged in to vote

Trivy does not identify certain imported pom files

ishapirovArnica started Dec 29, 2023 in False Detection · Closed

1
You must be logged in to vote

Incorrect transitive dependencies for pkg:maven/commons-validator/[email protected]

ishapirovArnica started Dec 27, 2023 in False Detection · Closed

1
You must be logged in to vote

No vulnerabilities identified for pkg:maven/org.apache.tomcat.embed/tomcat-embed-core
scan/vulnerability Issues relating to vulnerability scanning
biehl1 started Dec 21, 2023 in False Detection · Closed

1
You must be logged in to vote

False positives on Bitnami packages due to versions with revisions

juan131 started Nov 21, 2023 in False Detection · Closed

5
You must be logged in to vote

IAC - False Positive detection for AVD-AWS-0028 (aws_instance should activate session tokens for Instance Metadata Service)

nishad-aliaqua started Dec 17, 2023 in False Detection · Closed

1
You must be logged in to vote

Trivy did not report on PYSEC-2023-135

donnieelmore started Dec 12, 2023 in False Detection

1
You must be logged in to vote

CVE-2019-8457 - False positive detection

cgargas started Dec 11, 2023 in False Detection · Closed

1