Discussions

• 2 You must be logged in to vote

  🐛

  Trivy does not detect vulnerabilities on ubuntu kernel

  kind/bug Categorizes issue or PR as related to a bug.

  wagde-orca started Sep 1, 2025 in Bugs

  

  

  

  

  17
• 1 You must be logged in to vote

  🐛

  [pom] settings.xml <servers> credentials not used when fetching parent POMs

  kind/bug Categorizes issue or PR as related to a bug.

  dmajano started May 6, 2026 in Bugs

  

  

  0
• 1 You must be logged in to vote

  👨‍💻

  [SAST] Unreachable сode in date_time_add.go

  Anchels started May 6, 2026 in Development

  

  

  0
• 0 You must be logged in to vote

  🙏

  Why does Trivy report far more vulnerabilities than Vuls when scanning the same Linux system?

  triage/support Indicates an issue that is a support question.

  IAOTW asked May 6, 2026 in Q&A · Unanswered

  

  

  2
• 1 You must be logged in to vote

  🐛

  Telemetry Cannot Be Disabled

  kind/bug Categorizes issue or PR as related to a bug.

  kiohto started Apr 23, 2026 in Bugs

  

  

  12
• 1 You must be logged in to vote

  💡

  Bring .conf,.ini,virtual host files for scanning under misconfigaration scan in trivy

  kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning target/filesystem Issues relating to filesystem scanning

  Uppili96 started Apr 22, 2026 in Ideas

  

  

  1
• 3 You must be logged in to vote

  🔎

  False positive of AVD-AWS-0010 Configure Cloudfront logging

  LesterTheTester started Sep 14, 2023 in False Detection

  

  

  

  

  8
• 2 You must be logged in to vote

  📖

  Document CI/CD integration with RWX

  kind/documentation Categorizes issue or PR as related to documentation.

  robinaugh started May 5, 2026 in Documentation

  

  

  0
• 3 You must be logged in to vote

  🐛

  trivy-db is stale: vuln-list and vuln-list-* repos are not being updated

  kind/bug Categorizes issue or PR as related to a bug.

  jsatterfield-linux started Apr 30, 2026 in Bugs · Closed

  

  

  1
• 1 You must be logged in to vote

  🐛

  Azure AI Foundry, OpenAI secret not detected

  kind/feature Categorizes issue or PR as related to a new feature. scan/secret Issues relating to secret scanning

  wahmedswl started Apr 12, 2026 in Bugs · Closed

  

  

  2
• 1 You must be logged in to vote

  🐛

  Support scanning local block devices with trivy vm

  kind/bug Categorizes issue or PR as related to a bug.

  yusuke-koyoshi started May 3, 2026 in Bugs

  

  

  1
• 1 You must be logged in to vote

  🙏

  Node.JS package.json parser rejects valid names with slashes (e.g. "rxjs/ajax")

  triage/support Indicates an issue that is a support question.

  Achille004 asked Apr 30, 2026 in Q&A · Closed · Answered

  

  

  3
• 2 You must be logged in to vote

  💡

  feat: include JAR SHA-1 digest in JSON report output

  kotakanbe started May 1, 2026 in Ideas

  

  

  1
• 3 You must be logged in to vote

  📢

  v0.70.0

  Argon-DevOps-Mgt announced Apr 17, 2026 in Announcements

  

  

  

  

  3
• 3 You must be logged in to vote

  🐛

  LVM detection only checks sector 1 and does not support LVM1

  kind/bug Categorizes issue or PR as related to a bug.

  yusuke-koyoshi started Feb 18, 2026 in Bugs

  

  

  1
• 1 You must be logged in to vote

  👨‍💻

  Detect Ubuntu 26.04 LTS as a supported OS

  chrisnovakovic started Apr 27, 2026 in Development

  

  

  0
• 3 You must be logged in to vote

  🐛

  Java JAR packages not extracted when --scanners="" is specified

  kind/bug Categorizes issue or PR as related to a bug.

  yusuke-koyoshi started Feb 18, 2026 in Bugs

  

  

  9
• 1 You must be logged in to vote

  🙏

  Error with SBOM via OCI referrers - SBOM download error: unacceptable media type

  triage/support Indicates an issue that is a support question.

  rcarre asked Apr 9, 2026 in Q&A · Closed · Answered

  

  

  2
• 1 You must be logged in to vote

  📢

  Public GPG key updated for Trivy deb/rpm repositories

  DmitriyLewen announced Apr 17, 2026 in Announcements

  

  

  

  

  3
• 1 You must be logged in to vote

  💡

  Improve security of contrib/install.sh by support validating the binaries with sigstore/cosign or provided checksum

  kind/feature Categorizes issue or PR as related to a new feature.

  lhotari started Mar 23, 2026 in Ideas

  

  

  1
• 1 You must be logged in to vote

  💡

  Supply expected checksum to contrib/install.sh

  kind/feature Categorizes issue or PR as related to a new feature.

  kimxogus started Mar 27, 2026 in Ideas · Closed

  

  

  1
• 5 You must be logged in to vote

  💡

  GitHub Actions Workflow Security Audit — Post-Incident Hardening

  kind/feature Categorizes issue or PR as related to a new feature.

  north-echo started Mar 18, 2026 in Ideas

  

  

  2
• 1 You must be logged in to vote

  🙏

  How to ignore vulnerability without CVE but GHSA ID?

  triage/support Indicates an issue that is a support question.

  christian-schwaderer asked Apr 27, 2026 in Q&A · Closed · Answered

  

  

  1
• 1 You must be logged in to vote

  💡

  Add JSON Schema for .trivyignore.yaml configuration file

  kind/feature Categorizes issue or PR as related to a new feature.

  stdedos started Mar 20, 2026 in Ideas

  

  

  3
• 1 You must be logged in to vote

  🙏

  How do I ignore all vulnerabilities for a package?

  triage/support Indicates an issue that is a support question.

  Cylindric asked Mar 19, 2026 in Q&A · Closed · Unanswered

  

  

  1