You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am scanning a docker container we use to run the Azure pipeline agent. It needs libc-dev which means there are over 500 known CVEs at Medium and above. How can I ignore the whole package in trivyignore.yaml? I have to put a value for the id, but I want to ignore all CVEs.
vulnerabilities:
- id: *
statement: ignore all issues with libc-dev
expired: 2026-04-01
purls:
- "pkg:deb/ubuntu/linux-libc-dev@6.8.0-106.106?arch=amd64\u0026distro=ubuntu-24.04"
Is there a way of doing this without adding 500 ignores covering every possible CVE?
Target
Container Image
Scanner
Vulnerability
Output Format
JSON
Mode
Standalone
Operating System
Ubuntu 24.04
Version
Version: 0.69.3
(from the docker image at aquasec/trivy)
triage/supportIndicates an issue that is a support question.
1 participant
Heading
Bold
Italic
Quote
Code
Link
Numbered list
Unordered list
Task list
Attach files
Mention
Reference
Menu
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Question
I am scanning a docker container we use to run the Azure pipeline agent. It needs
libc-devwhich means there are over 500 known CVEs at Medium and above. How can I ignore the whole package in trivyignore.yaml? I have to put a value for theid, but I want to ignore all CVEs.Is there a way of doing this without adding 500 ignores covering every possible CVE?
Target
Container Image
Scanner
Vulnerability
Output Format
JSON
Mode
Standalone
Operating System
Ubuntu 24.04
Version
Beta Was this translation helpful? Give feedback.
All reactions