Discussions

• 7 You must be logged in to vote

  🔎

  mssql-jdbc - potential false positive on CVE-2025-59250 with mssql-jdbc 12.2.1.jre11

  concreted started Nov 4, 2025 in False Detection

  

  

  

  

  12
• 1 You must be logged in to vote

  🔎

  Trivy reports an incorrect libgomp version on Amazon Linux 2023

  pavelnemirovsky started Dec 24, 2025 in False Detection

  

  

  4
• 1 You must be logged in to vote

  🐛

  Cross-Platform Test Results Consistency Between macOS and Ubuntu

  pavelnemirovsky started Dec 18, 2025 in Bugs

  

  

  5
• 1 You must be logged in to vote

  🔎

  GHSA CVE-2024-50379 has 7.2 V3Score but trivy has 9.8 V3Score

  niickyforwork started Feb 28, 2025 in False Detection

  

  

  

  

  7
• 1 You must be logged in to vote

  🙏

  Verifying severity of a vulnerability from trivy report

  triage/support Indicates an issue that is a support question.

  Sahasra-Sagiraju asked Dec 26, 2025 in Q&A · Unanswered

  

  

  0
• 1 You must be logged in to vote

  💡

  Log "ignore finding rule='' range=''" for avd's in .trivyignore.yaml

  kind/feature Categorizes issue or PR as related to a new feature.

  vladislav-orlovskiy started Dec 22, 2025 in Ideas

  

  

  

  

  2
• 1 You must be logged in to vote

  🙏

  Wrong CVSS score and miss ghsa v4 score in trivy DB - CVE-2025-55754

  triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning

  axidex asked Dec 25, 2025 in Q&A · Unanswered

  

  

  1
• 1 You must be logged in to vote

  🔎

  False Vulnerability Alert Caused by Incorrect Version Detection of MSSQL JDBC Driver in KeyCloak

  pavelnemirovsky started Dec 25, 2025 in False Detection · Closed

  

  

  1
• 2 You must be logged in to vote

  🐛

  Trivy does not detect vulnerabilities on ubuntu kernel

  kind/bug Categorizes issue or PR as related to a bug.

  wagde-orca started Sep 1, 2025 in Bugs

  

  

  

  

  16
• 1 You must be logged in to vote

  🙏

  package-lock.json is ignored on scan

  scan/vulnerability Issues relating to vulnerability scanning

  jankoh asked Oct 24, 2023 in Q&A · Closed · Answered

  

  

  

  

  4
• 2 You must be logged in to vote

  🔎

  Trivy not detecting issues

  aqeisi123 started Dec 22, 2025 in False Detection

  

  

  1
• 1 You must be logged in to vote

  🐛

  Bug: Trivy panics when scanning Google KMS Terraform module

  kind/bug Categorizes issue or PR as related to a bug.

  arh-wtag started Dec 23, 2025 in Bugs · Closed

  

  

  1
• 1 You must be logged in to vote

  🙏

  How does Trivy handle large images with big data files?

  triage/support Indicates an issue that is a support question.

  gromyko21 asked Dec 15, 2025 in Q&A · Unanswered

  

  

  4
• 2 You must be logged in to vote

  📖

  Provide a json schema to validate trivy.yaml based configuration

  kind/documentation Categorizes issue or PR as related to documentation.

  kevin-kortum-trustedshops started Jul 15, 2025 in Documentation · Closed

  

  

  

  

  2
• 1 You must be logged in to vote

  🐛

  bug(java): trivy don't respect dependencies inherit from Maven dependencies with scope test

  kind/bug Categorizes issue or PR as related to a bug.

  philippe-granet started Dec 19, 2025 in Bugs · Closed

  

  

  1
• 1 You must be logged in to vote

  🐛

  STDERR output progress is mangled

  kind/bug Categorizes issue or PR as related to a bug.

  jasonkarns started Dec 19, 2025 in Bugs

  

  

  0
• 2 You must be logged in to vote

  🐛

  BOM validation failed after upgrade to Trivy 0.68.1

  kind/bug Categorizes issue or PR as related to a bug.

  tomkuipers started Dec 10, 2025 in Bugs · Closed

  

  

  13
• 1 You must be logged in to vote

  🐛

  Repository too big, failing github action aquasecurity/setup-trivy due timeout

  kind/bug Categorizes issue or PR as related to a bug.

  tomas-lipensky started Dec 8, 2025 in Bugs

  

  

  4
• 2 You must be logged in to vote

  🙏

  Recalculating a vulnerability's Severity and CVSS score based on injected temporal/environmental metrics

  triage/support Indicates an issue that is a support question.

  quentinkhoo asked Dec 10, 2025 in Q&A · Unanswered

  

  

  

  

  6
• 1 You must be logged in to vote

  🙏

  Struggling with Rego policy for Trivy

  triage/support Indicates an issue that is a support question.

  rungitringit asked Dec 17, 2025 in Q&A · Closed · Answered

  

  

  4
• 1 You must be logged in to vote

  🙏

  --file-patterns flag not respected by vulnerability scanners

  triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning

  deser asked Dec 15, 2025 in Q&A · Unanswered

  

  

  3
• 1 You must be logged in to vote

  🐛

  licence Id does not comply with CycloneDX schema

  kind/bug Categorizes issue or PR as related to a bug.

  djeanprost started Dec 17, 2025 in Bugs · Closed

  

  

  1
• 1 You must be logged in to vote

  💡

  provide TLS configuration for VEX Hub repositories

  kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning target/container-image Issues relating to container image scanning

  alegrey91 started Dec 17, 2025 in Ideas

  

  

  0
• 1 You must be logged in to vote

  📢

  v0.68.2

  aqua-bot announced Dec 17, 2025 in Announcements

  

  

  0
• 1 You must be logged in to vote

  🙏

  Can we generate multiple format of reports on a single scan?

  triage/support Indicates an issue that is a support question.

  uday-globuslive asked Dec 17, 2025 in Q&A · Unanswered

  

  

  1