-
In Azure DevOps for privatized deployments, we pull images from `registry.my-company.com/third-party/trivy` instead of `aquasec/trivy` because of network isolation.
-
## Vulnerabilities found for katib-ui:v0.17.0
```
For OSS Maintainers: VEX Notice
--------------------------------
If you're an OSS maintainer and Trivy has detected vulnerabilities in your project …
-
I thought this would be easy but I was wrong. Consider the following Github action:
```yaml
name: Daily Pull and Vulnerability Scan
on:
schedule:
- cron: "0 0 * * *" # Runs daily at mi…
-
### Preflight Checklist
- [X] I agree to follow the [Code of Conduct](https://github.com/deckhouse/deckhouse/blob/main/CODE_OF_CONDUCT.md) that this project adheres to.
- [X] I have searched the [iss…
-
Am using running @trivy inside a pipeline
`- task: trivy@1
displayName: Scan image with Trivy
inputs:
loginDockerConfig: true
ignoreUnfixed: true
severities: HIGH,CRITI…
-
### Preflight Checklist
- [X] I agree to follow the [Code of Conduct](https://github.com/deckhouse/deckhouse/blob/main/CODE_OF_CONDUCT.md) that this project adheres to.
- [X] I have searched the [iss…
-
Multiple CVEs are reported by Trivy scan tool. Looks like this is because of the go version.
```
usr/local/bin/topicctl (gobinary)
Total: 15 (UNKNOWN: 0, LOW: 0, MEDIUM: 10, HIGH: 4, CRITICAL: …
-
## Vulnerabilities found for metadata-writer:2.3.0
```
For OSS Maintainers: VEX Notice
--------------------------------
If you're an OSS maintainer and Trivy has detected vulnerabilities in your pro…
-
### Feature Request
Support the `convert` command available in `trivy` CLI.
### Use Case
I have a workflow that does a repo scan and outputs JSON to a file for analysis. I also want to get th…
-
I installed trivy on azure builder agent using:
dnf install -y https://github.com/aquasecurity/trivy/releases/download/v0.52.0/trivy_0.52.0_Linux-64bit.rpm
sh-4.4$ trivy -v
Version: 0.52.0
V…