aquasecurity trivy False Detection · Discussions · GitHub

Sort by: Latest activity

Categories

False Detection Discussions

False positives/negatives

You must be logged in to vote

aiohttp v3.8.5

doronguttman started Aug 7, 2023 in False Detection · Closed

1
You must be logged in to vote

Enable rotation on asymmetric keys is imposibile since AWS doesn't support that

nathanbowang started Aug 4, 2023 in False Detection

1
You must be logged in to vote

False positieve from incorrect terraform parsing for AVD-AWS-0107
scan/misconfiguration Issues relating to misconfiguration scanning
denisovval started Jul 6, 2023 in False Detection

4
You must be logged in to vote

aiohttp v3.8.5 false positive

rubur-webbeds started Jul 31, 2023 in False Detection · Closed

2
You must be logged in to vote

CVE-2023-2976 (Guava vulnerability)
scan/vulnerability Issues relating to vulnerability scanning
brfrn169 started Jul 18, 2023 in False Detection · Closed

7
You must be logged in to vote

[Edge case] Missing key for fixed version
scan/vulnerability Issues relating to vulnerability scanning
ronniee007 started Jul 7, 2023 in False Detection · Closed

3
You must be logged in to vote

False positive for bind-license package in centos:7 image

tspearconquest started Jul 20, 2023 in False Detection · Closed

3
You must be logged in to vote

Trivy misdetecting ehcache 2.10.9.2 as being jackson and other Java libraries

chadlwilson started Jul 23, 2023 in False Detection · Closed

1
You must be logged in to vote

CVE-2022-3715 reported as LOW when it's actually HIGH

huornlmj started Jul 17, 2023 in False Detection · Closed

4
You must be logged in to vote

CVE-2023-33170 (.Net vulnerability) indicated for .Net 6.0.20, but referenced data source indicates this version is fixed

HughSayer started Jul 13, 2023 in False Detection · Closed

3
You must be logged in to vote

CRITICAL: AWS (aws-access-key-id)

pete911 started Jul 14, 2023 in False Detection · Closed

1
You must be logged in to vote

CVE-2023-33170 false positive in net 6.0.20 app
triage/duplicate Indicates an issue is a duplicate of other open issue.
Ismael-Pep started Jul 14, 2023 in False Detection · Closed

2
You must be logged in to vote

False positive CVE-2022-4065 reported against org.testng:testng (testng-7.7.1.jar)

navzen2000 started Jul 10, 2023 in False Detection · Closed

1
You must be logged in to vote

Trivy does not detect an AsymmetricPrivateKey in container image when it is scanning for secrets and vulns at the same time

jiridanek started Jul 6, 2023 in False Detection · Closed

11
You must be logged in to vote

False Positive: CVE-2017-12621 commons-jelly 1.0.1
kind/security-advisory Categorizes issue or PR as related to security advisories.
sekveaja started Jul 4, 2023 in False Detection · Closed

2
You must be logged in to vote

Missing Container Scan Result for CVE-2023-24329 / USN-5960-1

joe-cheuk started Jun 15, 2023 in False Detection

16
You must be logged in to vote

False positive over pax-logging-log4j2-1.11.10.jar

gdelbos started Jun 16, 2023 in False Detection

5
You must be logged in to vote

False Positive CVE-2022-24903 reported on rsyslog 8.24.0-57.0.3.el7_9.3 against Oracle Linux 7

navzen2000 started Jun 19, 2023 in False Detection · Closed

2
You must be logged in to vote

GoLang Prometheus module versions trigger false CVE-2019-3826 alert

ksylvan started May 26, 2023 in False Detection · Closed

9
You must be logged in to vote

RLSA-2023:1141 not detected with container os scan

joe-cheuk started Jun 13, 2023 in False Detection · Closed

2
You must be logged in to vote

python redis listed, even though it got withdrawn

jegger started Jun 12, 2023 in False Detection · Closed

2
You must be logged in to vote

Add support to say whether an dependency is Direct
kind/feature Categorizes issue or PR as related to a new feature.
john-d8r started Jun 7, 2023 in False Detection

0
You must be logged in to vote

Incorrect mapping of Applicable versions for CVE-2023-28858 & CVE-2023-28859
kind/security-advisory Categorizes issue or PR as related to security advisories.
sreecharanguduri started May 25, 2023 in False Detection · Closed

8
You must be logged in to vote

AWS Account ID detected as a secret although it's not a secret

AXDOOMER started May 29, 2023 in False Detection · Closed

6
You must be logged in to vote

CVE-2021-29063 detected in version 1.3.0 of mpmath

creste started May 30, 2023 in False Detection · Closed

3