aquasecurity trivy Bugs · Discussions · GitHub

Trivy Security incident 2026-03-19 conclusion
Announcements itaysk

Sort by: Latest activity

Bugs Discussions

Something doesn't work as expected

You must be logged in to vote

Bom module in maven multimodule project is not used correctly without first installing the artifacts
kind/bug Categorizes issue or PR as related to a bug.
askoog started Apr 1, 2026 in Bugs

1
You must be logged in to vote

IP allow list blocks gh CLI in CI, preventing release integrity attestation
kind/bug Categorizes issue or PR as related to a bug.
633kh4ck started Mar 24, 2026 in Bugs

12
You must be logged in to vote

Different result for VEX between SBOM and image scanning
kind/bug Categorizes issue or PR as related to a bug.
AugustusKling started Apr 1, 2026 in Bugs

0
You must be logged in to vote

Trivy scans a library declared as "test" in a dependency module
kind/bug Categorizes issue or PR as related to a bug.
thboileau started Mar 30, 2026 in Bugs

1
You must be logged in to vote

Terraform scan stack overflow in countBlockRecursion (sort.go) - v0.69.3
kind/bug Categorizes issue or PR as related to a bug.
dabcoder started Mar 31, 2026 in Bugs

0
You must be logged in to vote

Trivy Java DB failing to Publish
kind/bug Categorizes issue or PR as related to a bug.
Noclas started Mar 30, 2026 in Bugs

2
You must be logged in to vote

dockerhub latest tag gone?
kind/bug Categorizes issue or PR as related to a bug. triage/duplicate Indicates an issue is a duplicate of other open issue.
c-seeger started Mar 28, 2026 in Bugs · Closed

1
You must be logged in to vote

Trivy v0.69.3 google.golang.org/grpc
kind/bug Categorizes issue or PR as related to a bug.
Nico-VanHaaster started Mar 26, 2026 in Bugs · Closed

1
You must be logged in to vote

Publish the artifacts for the trivy_0.62.1 version
kind/bug Categorizes issue or PR as related to a bug.
PRYeswanthReddy started Mar 25, 2026 in Bugs

1
You must be logged in to vote

Docker Image missing latest tag
kind/bug Categorizes issue or PR as related to a bug.
sjkeerthi started Mar 23, 2026 in Bugs

7
You must be logged in to vote

Release versions between v0.26.0 and v0.69.2 just disappeared from Github
kind/bug Categorizes issue or PR as related to a bug.
PenelopeFudd started Mar 2, 2026 in Bugs · Closed

4
You must be logged in to vote

Trivy Ignore Alias only allowed upper case
kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning target/cloud Issues relating to cloud account scanning
commodore-84 started Feb 26, 2026 in Bugs · Closed

3
You must be logged in to vote

fix(eks): EKS-CIS-1.4 incorrect check for control 3.1.1
kind/bug Categorizes issue or PR as related to a bug.
mattcarp12 started Mar 23, 2026 in Bugs

0
You must be logged in to vote

Trivy version 0.69.4 is not released but mis-found in Trivy update in Mason
kind/bug Categorizes issue or PR as related to a bug.
duytrung started Mar 22, 2026 in Bugs

1
You must be logged in to vote

aquasec/trivy:latest Docker tag is single-arch (arm64 only) — should be multi-arch manifest list
kind/bug Categorizes issue or PR as related to a bug.
wouterdebie started Mar 20, 2026 in Bugs

4
You must be logged in to vote

Docker image latest only build for arm OS/ARCH Missed it other ARCH
kind/bug Categorizes issue or PR as related to a bug.
sjkeerthi started Mar 20, 2026 in Bugs · Closed

3
You must be logged in to vote

Trivy get a parsing error when scanning a terraform plan json file for certain resources
kind/bug Categorizes issue or PR as related to a bug. triage/support Indicates an issue that is a support question. scan/misconfiguration Issues relating to misconfiguration scanning
andrea-migliaccio started Mar 19, 2026 in Bugs

0
You must be logged in to vote

Trivy 0.69.3 Includes Go net/url CVE-2026-25679
kind/security Categorizes issue or PR as related to Trivy's own security or internal vulnerabilities.
kpb started Mar 18, 2026 in Bugs

1
You must be logged in to vote

Trivy v0.69.2 fails to scan python:3.12.13-slim with invalid tar header
kind/bug Categorizes issue or PR as related to a bug. target/container-image Issues relating to container image scanning
akashkumar975 started Mar 7, 2026 in Bugs

9
You must be logged in to vote

Nil Pointer Dereference in Terraform Plan JSON Parser
kind/bug Categorizes issue or PR as related to a bug.
pxp928 started Mar 9, 2026 in Bugs · Closed

4
You must be logged in to vote

WASM module memory leak: free() called with wrong number of arguments
kind/bug Categorizes issue or PR as related to a bug.
MisLink started Feb 28, 2026 in Bugs · Closed

1
You must be logged in to vote

node.js vulnerability detection in images does not work
kind/bug Categorizes issue or PR as related to a bug.
felix-as started Mar 12, 2026 in Bugs

2
You must be logged in to vote

Failure to parse package-lock.json file including legacy license array format
kind/bug Categorizes issue or PR as related to a bug.
WhatIsACore started Mar 11, 2026 in Bugs · Closed

1
You must be logged in to vote

SPDX 2.3 Compliance: Missing mandatory license fields for APPLICATION and SOURCE packages in v0.69.3
kind/bug Categorizes issue or PR as related to a bug.
sahilm02 started Mar 10, 2026 in Bugs · Closed

1
You must be logged in to vote

Incorrect ROOTPATH in sarif output in Git repository
kind/bug Categorizes issue or PR as related to a bug.
dennis-spiegel started Mar 6, 2026 in Bugs · Closed

1