Discussions

• 1 You must be logged in to vote

  🐛

  misconfiguration with false-positive while using terraform data with for_each

  kind/bug Categorizes issue or PR as related to a bug.

  felipeng started Jan 8, 2026 in Bugs

  

  

  0
• 1 You must be logged in to vote

  🐛

  Misconfiguration has a false positive check when using for_each with null value in locals

  kind/bug Categorizes issue or PR as related to a bug.

  felipeng started Jan 8, 2026 in Bugs

  

  

  0
• 1 You must be logged in to vote

  🔎

  false UNKNOWN on redis-commander NSWG-ECO-362

  ktzsolt started Jan 8, 2026 in False Detection

  

  

  0
• 1 You must be logged in to vote

  🐛

  Trivy does not detect packages from package.json

  kind/bug Categorizes issue or PR as related to a bug.

  aydinnyunus started Jan 8, 2026 in Bugs

  

  

  0
• 1 You must be logged in to vote

  🐛

  Trivy ignores my VEX file

  kind/bug Categorizes issue or PR as related to a bug.

  scraly started Jan 8, 2026 in Bugs

  

  

  0
• 3 You must be logged in to vote

  🐛

  False Positive on Go binaries: ldflags version ignored when module pseudo-version does not start with v0.0.0

  kind/bug Categorizes issue or PR as related to a bug.

  aviad-orca started Jan 8, 2026 in Bugs

  

  

  0
• 4 You must be logged in to vote

  🔎

  CVE-2025-14847

  wargamesqcf started Jan 7, 2026 in False Detection

  

  

  0
• 2 You must be logged in to vote

  🔎

  False positive on libglib2.0-0t64 version 2.86.3-4 for CVE-2025-13601

  benglewis started Jan 6, 2026 in False Detection

  

  

  2
• 1 You must be logged in to vote

  🐛

  trivy filesystem command does not process correctly for some package-lock.json

  kind/bug Categorizes issue or PR as related to a bug.

  larsriehn started Jan 6, 2026 in Bugs

  

  

  1
• 2 You must be logged in to vote

  🐛

  Some Terraform module files scanned by trivy don't appear in the report if they have no issues, despite being scanned

  kind/bug Categorizes issue or PR as related to a bug.

  mbdevpl started Jan 5, 2026 in Bugs

  

  

  1
• 1 You must be logged in to vote

  🔎

  False positive for python 3.13.11 - CVE-2025-13836

  sc-roberts started Jan 6, 2026 in False Detection

  

  

  0
• 1 You must be logged in to vote

  📖

  Clarify status of Rocky Linux OS package vulnerability scanning

  kind/documentation Categorizes issue or PR as related to documentation.

  tnielens started Dec 11, 2025 in Documentation

  

  

  2
• 1 You must be logged in to vote

  🔎

  False Positive in Keycloak

  gdsmith started Jan 5, 2026 in False Detection

  

  

  0
• 1 You must be logged in to vote

  💡

  Exit with error only on specified severities

  kind/feature Categorizes issue or PR as related to a new feature.

  PascalTurbo started Jan 17, 2024 in Ideas

  

  

  

  

  5
• 1 You must be logged in to vote

  🐛

  Cross-Platform Test Results Consistency Between macOS and Ubuntu

  pavelnemirovsky started Dec 18, 2025 in Bugs

  

  

  7
• 1 You must be logged in to vote

  🙏

  Verifying severity of a vulnerability from trivy report

  triage/support Indicates an issue that is a support question.

  Sahasra-Sagiraju asked Dec 26, 2025 in Q&A · Unanswered

  

  

  2
• 1 You must be logged in to vote

  📢

  🎉 Celebrating Issue/PR #10000 & Happy New Year! 🎊

  knqyf263 announced Dec 31, 2025 in Announcements

  

  

  0
• 1 You must be logged in to vote

  🔎

  GHSA CVE-2024-50379 has 7.2 V3Score but trivy has 9.8 V3Score

  niickyforwork started Feb 28, 2025 in False Detection

  

  

  

  

  8
• 7 You must be logged in to vote

  🔎

  mssql-jdbc - potential false positive on CVE-2025-59250 with mssql-jdbc 12.2.1.jre11

  concreted started Nov 4, 2025 in False Detection

  

  

  

  

  12
• 1 You must be logged in to vote

  🔎

  Trivy reports an incorrect libgomp version on Amazon Linux 2023

  pavelnemirovsky started Dec 24, 2025 in False Detection

  

  

  4
• 1 You must be logged in to vote

  💡

  Log "ignore finding rule='' range=''" for avd's in .trivyignore.yaml

  kind/feature Categorizes issue or PR as related to a new feature.

  vladislav-orlovskiy started Dec 22, 2025 in Ideas

  

  

  

  

  2
• 1 You must be logged in to vote

  🙏

  Wrong CVSS score and miss ghsa v4 score in trivy DB - CVE-2025-55754

  triage/support Indicates an issue that is a support question. scan/vulnerability Issues relating to vulnerability scanning

  axidex asked Dec 25, 2025 in Q&A · Unanswered

  

  

  1
• 2 You must be logged in to vote

  🐛

  Trivy does not detect vulnerabilities on ubuntu kernel

  kind/bug Categorizes issue or PR as related to a bug.

  wagde-orca started Sep 1, 2025 in Bugs

  

  

  

  

  16
• 2 You must be logged in to vote

  🔎

  Trivy not detecting issues

  aqeisi123 started Dec 22, 2025 in False Detection

  

  

  1
• 1 You must be logged in to vote

  🙏

  How does Trivy handle large images with big data files?

  triage/support Indicates an issue that is a support question.

  gromyko21 asked Dec 15, 2025 in Q&A · Unanswered

  

  

  4