aquasecurity trivy False Detection · Discussions · GitHub

Sort by: Latest activity

Categories

False Detection Discussions

False positives/negatives

You must be logged in to vote

Nokogiri dependencies.yml RSA KEY false positive

wagnerpereira started Dec 12, 2023 in False Detection · Closed

3
You must be logged in to vote

Incomplete Vulnerability Detection for google-cloud-storage:2.23.0

sagic-orca started Dec 5, 2023 in False Detection · Closed

1
You must be logged in to vote

CVE-2022-22965 detected in Spring Boot 3.2.0

DarkAtra started Nov 24, 2023 in False Detection · Closed

2
You must be logged in to vote

False positive: CVE-2022-36087 not affected in SLES 15 SP4, SP5

sekveaja started Nov 24, 2023 in False Detection

1
You must be logged in to vote

Trivy doesn not detect CVE-2023-31419 for elasticsearch-7.10.2.jar
scan/vulnerability Issues relating to vulnerability scanning
navzen2000 started Nov 14, 2023 in False Detection · Closed

20
You must be logged in to vote

Python 3.6.8 Pip 9.0.3 vulnerabilities not detected
scan/vulnerability Issues relating to vulnerability scanning
matjawor started Nov 21, 2023 in False Detection

1
You must be logged in to vote

False alibaba-access-key-id detection in pnpm cache for @types/react.json

vonazt started Nov 20, 2023 in False Detection · Closed

1
You must be logged in to vote

AVD-GIT-0001 false positive
scan/misconfiguration Issues relating to misconfiguration scanning
stevehipwell started Oct 4, 2023 in False Detection

6
You must be logged in to vote

CVE-2023-4863 is not detected in Sharp NPM package
kind/security-advisory Categorizes issue or PR as related to security advisories. scan/vulnerability Issues relating to vulnerability scanning
saars-orca started Nov 5, 2023 in False Detection · Closed

1
You must be logged in to vote

CVE-2023-44487 was not detected in jar file
kind/security-advisory Categorizes issue or PR as related to security advisories.
DuyTran-TomTom started Nov 1, 2023 in False Detection

1
You must be logged in to vote

nginx 3rd party package detection on alpine

jkroepke started Oct 23, 2023 in False Detection · Closed

4
You must be logged in to vote

Trivy not detecting Terraform misconfiguration when private Terraform modules in-use

bkonicek-calm started Oct 19, 2023 in False Detection · Closed

4
You must be logged in to vote

Unexpected vulnerability detected in package(nss)

JwishPark started Oct 18, 2023 in False Detection

1
You must be logged in to vote

Trivy suggest upgrading to a version that doesn't exist, but exist for a similar dependency
scan/vulnerability Issues relating to vulnerability scanning
AXDOOMER started Oct 14, 2023 in False Detection

2
You must be logged in to vote

False positive for CVE-2023-33246 in apache/rocketmq:4.9.7
scan/vulnerability Issues relating to vulnerability scanning
aleksandradrobnjak started Oct 9, 2023 in False Detection

3
You must be logged in to vote

CVE-2023-0105 - request to update Trivy database impacting Keycloak
scan/vulnerability Issues relating to vulnerability scanning
abstractj started Oct 5, 2023 in False Detection · Closed

1
You must be logged in to vote

Trivy .jar image scan does not find some CVEs compared to OWASP Depedency check tool

bedla started Sep 7, 2023 in False Detection

4
You must be logged in to vote

fix(misconf): false positive avd-gcp-0029 when subnet has REGIONAL_MANAGED_PROXY or GLOBAL_MANAGED_PROXY purpose field

mcinquin started Sep 25, 2023 in False Detection · Closed

1
You must be logged in to vote

fix(misconf): false positive avd-gcp-0029 when subnet has REGIONAL_MANAGED_PROXY or GLOBAL_MANAGED_PROXY purpose field

mcinquin started Sep 25, 2023 in False Detection · Closed

1
You must be logged in to vote

False positive for CVE-2023-1108 undertow-core
kind/security-advisory Categorizes issue or PR as related to security advisories.
bvahdat started Sep 20, 2023 in False Detection · Closed

2
You must be logged in to vote

Trivy is reporting XML file "entry key" with exactly 40 chars long as AWS Secret Access Key (CRITICAL Vulnerability)

ejtavares started Sep 12, 2023 in False Detection

3
You must be logged in to vote

False positive of AVD-AWS-0010 Configure Cloudfront logging

LesterTheTester started Sep 14, 2023 in False Detection

2
You must be logged in to vote

CVE-2022-31692 detected on spring-security-core but should be spring-security-web only

mischa-n started Sep 5, 2023 in False Detection · Closed

7
You must be logged in to vote

False Positive - Code scanning - CFT- SQS Queue Unencrypted Finding
scan/misconfiguration Issues relating to misconfiguration scanning
tzurielweisberg started Sep 7, 2023 in False Detection · Closed

2
You must be logged in to vote

Trivy flagged vulnerability in my project for artifact com.google.guava version 11.0.2 which is not exit in my app

onkarnarkar started May 25, 2023 in False Detection

5