aquasecurity trivy False Detection · Discussions · GitHub

Sort by: Latest activity

Categories

False Detection Discussions

False positives/negatives

You must be logged in to vote

Ansible 7.6.0 being picked up by Trivy for CVE-2020-25636 which is a 3rd party community component (long been fixed)
kind/security-advisory Categorizes issue or PR as related to security advisories.
mig5 started May 28, 2023 in False Detection · Closed

1
You must be logged in to vote

False positive "--no-install-recommends" where it is present at the end of the command
kind/bug Categorizes issue or PR as related to a bug. scan/misconfiguration Issues relating to misconfiguration scanning
daliborfilus started Apr 23, 2023 in False Detection · Closed

4
You must be logged in to vote

salt-minion: Version 3005.1 marks as vulnerable and they are not

rrodriguez-cdmon started May 17, 2023 in False Detection

3
You must be logged in to vote

Zabbix: Version 6.2.9 marks as vulnerable and they are not

rrodriguez-cdmon started May 17, 2023 in False Detection

1
You must be logged in to vote

False positives when running a scan from a filesystem or a SBOM
kind/bug Categorizes issue or PR as related to a bug. scan/vulnerability Issues relating to vulnerability scanning scan/sbom Issues relating to SBOM
athiol started Feb 8, 2023 in False Detection

1
You must be logged in to vote

CIS Docker Check Issue
triage/support Indicates an issue that is a support question.
haoyu1101 started May 11, 2023 in False Detection

0
You must be logged in to vote

CVEs missing even though SBOM lists vulnerable dependency

fawind started Feb 17, 2023 in False Detection

0
You must be logged in to vote

Trivy rootfs scan is reporting false positives for ntp and dhcp RPM libraries with "centos" branding in version

dmarcuccio-solace started Mar 9, 2023 in False Detection

1
You must be logged in to vote

libssl1.1 wrong fix?
triage/support Indicates an issue that is a support question.
partizanes started May 1, 2023 in False Detection

5