aquasecurity trivy · Discussions · GitHub

Trivy Security incident 2026-03-19 conclusion
Announcements itaysk

Discussions

You must be logged in to vote

v0.69.2

aqua-bot announced Mar 1, 2026 in Announcements

2
You must be logged in to vote

Add riscv64 to release binaries and Docker images
kind/feature Categorizes issue or PR as related to a new feature. target/container-image Issues relating to container image scanning
gounthar started Mar 20, 2026 in Ideas

0
You must be logged in to vote

Add JSON Schema for .trivyignore.yaml configuration file
kind/feature Categorizes issue or PR as related to a new feature.
stdedos started Mar 20, 2026 in Ideas

0
You must be logged in to vote

aquasec/trivy:latest Docker tag is single-arch (arm64 only) — should be multi-arch manifest list
kind/bug Categorizes issue or PR as related to a bug.
wouterdebie started Mar 20, 2026 in Bugs

4
You must be logged in to vote

Docker image latest only build for arm OS/ARCH Missed it other ARCH
kind/bug Categorizes issue or PR as related to a bug.
sjkeerthi started Mar 20, 2026 in Bugs · Closed

3
Why did this discussion about the Trivy incident get removed/closed

devinbfergy asked Mar 19, 2026 in Q&A · Answered

772
You must be logged in to vote

docs: Demonstration videos in README don't play in Chromium based browsers
kind/documentation Categorizes issue or PR as related to documentation.
mattcarp12 started Mar 19, 2026 in Documentation

0
You must be logged in to vote

GitHub Actions Workflow Security Audit — Post-Incident Hardening
kind/feature Categorizes issue or PR as related to a new feature.
north-echo started Mar 18, 2026 in Ideas

1
You must be logged in to vote

Support for OWASP Risk Ratings in VEX documents
kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning
fahedouch started Feb 24, 2026 in Ideas

3
You must be logged in to vote

How do I ignore all vulnerabilities for a package?
triage/support Indicates an issue that is a support question.
Cylindric asked Mar 19, 2026 in Q&A · Unanswered

0
You must be logged in to vote

Trivy get a parsing error when scanning a terraform plan json file for certain resources
kind/bug Categorizes issue or PR as related to a bug. triage/support Indicates an issue that is a support question. scan/misconfiguration Issues relating to misconfiguration scanning
andrea-migliaccio started Mar 19, 2026 in Bugs

0
You must be logged in to vote

why doesn't trivy detect CRITICAL CVE-2026-22184 ?
triage/support Indicates an issue that is a support question.
ReneBoehm asked Feb 19, 2026 in Q&A · Closed · Answered

11
You must be logged in to vote

Trivy 0.69.3 Includes Go net/url CVE-2026-25679
kind/security Categorizes issue or PR as related to Trivy's own security or internal vulnerabilities.
kpb started Mar 18, 2026 in Bugs

1
You must be logged in to vote

Add check for missing pipefail in Dockerfile
kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning target/filesystem Issues relating to filesystem scanning
rittneje started Jan 23, 2025 in Ideas · Closed

5
You must be logged in to vote

Trivy v0.69.2 fails to scan python:3.12.13-slim with invalid tar header
kind/bug Categorizes issue or PR as related to a bug. target/container-image Issues relating to container image scanning
akashkumar975 started Mar 7, 2026 in Bugs

9
You must be logged in to vote

Revisit AVD-AWS-0088 aws-s3-enable-bucket-encryption
kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning target/cloud Issues relating to cloud account scanning
nekketsuuu started May 9, 2025 in Ideas · Closed

1
You must be logged in to vote

Nil Pointer Dereference in Terraform Plan JSON Parser
kind/bug Categorizes issue or PR as related to a bug.
pxp928 started Mar 9, 2026 in Bugs · Closed

4
You must be logged in to vote

Use Trivy as Bun Security Scanner
kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning
Vinfall started Mar 17, 2026 in Ideas

2
You must be logged in to vote

Add CSAF Support for the --vex oci flag
kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning
ackammawork started Mar 17, 2026 in Ideas

0
You must be logged in to vote

Add support for injecting additional volumes and volumeMounts on trivy helm chart
kind/feature Categorizes issue or PR as related to a new feature. target/kubernetes Issues relating to kubernetes cluster scanning
ajcontrib started Mar 17, 2026 in Ideas

0
You must be logged in to vote

Trivy unable to fs scan with RPM on SLES
triage/support Indicates an issue that is a support question.
paul25w asked Mar 10, 2026 in Q&A · Unanswered

3
You must be logged in to vote

Bun support?
kind/feature Categorizes issue or PR as related to a new feature.
ftzi started Jan 24, 2024 in Ideas · Closed

11
You must be logged in to vote

False positives when scanning docker hardening image
scan/vulnerability Issues relating to vulnerability scanning target/container-image Issues relating to container image scanning
daniellohausen-vaillant asked Mar 13, 2026 in Q&A · Closed · Unanswered

5
You must be logged in to vote

WASM module memory leak: free() called with wrong number of arguments
kind/bug Categorizes issue or PR as related to a bug.
MisLink started Feb 28, 2026 in Bugs · Closed

1
You must be logged in to vote

Feature: Option to use CVSS 4.0 for severity classification when available
kind/feature Categorizes issue or PR as related to a new feature. scan/vulnerability Issues relating to vulnerability scanning target/container-image Issues relating to container image scanning
nitishtw started Mar 11, 2026 in Ideas

1