-
HashiCorp’s go-getter library is vulnerable to argument injection when executing Git to discover remote branches.
See the module entry in go.mod: https://github.com/aquasecurity/trivy-operator/…
-
### Name and Version
bitnami/moodle:4.3.3-debian-12-r7
### What architecture are you using?
None
### What steps will reproduce the bug?
```console
$ trivy image bitnami/moodle:4.3.3-de…
-
Following is an updated report from an image scanner. You have replied here https://github.com/Redocly/redoc/issues/2481 on CVE-2023-43787 but there are two new issues: CVE-2023-52425 and CVE-2024-25…
-
### What happened?
The `agnhost` test image currently uses `alpine:3.12` as its BASEIMAGE: https://github.com/kubernetes/kubernetes/blob/e6efba3380c87503f918053c0511587485a2f828/test/images/agnhost/B…
-
### Terraform CLI and Provider Versions
###Terraform Version
Terraform version 1.5.0
Null provider 3.2.1
### Terraform Configuration
```terraform
Dear HashiCorp Team,
Some vulnerabilities are vi…
-
**NOTE**: The accepted proposal is https://github.com/golang/go/issues/50603#issuecomment-2181188811.
- - -
cmd/go embeds dependency version information in binaries, which is very useful. [From G…
-
Using Zap release 2.12.0 stable docker image for API scan script to test openapi endpoint with spec v3.0.3
Looks like ZAP is unable to parse the openapi definition
2023-05-09 15:26:44,515 http:/…
-
## Paste the full User-Agent String here
```
Mozilla/5.0 (compatible; AwarioBot/1.0; +https://awario.com/bots.html)
```
## Is this for Addition / Removal?
- [ ] Addition
- [x] Remova…
-
### Discussed in https://github.com/aquasecurity/trivy/discussions/6481
Originally posted by **omallo** April 10, 2024
### Description
I'm using the Trivy Operator which generates an SBOM f…
-
#### What happened:
When attempting to use a vulnerability scanner, such as `kubevuln` as part of the Kubescape security platform, the `kube-apiserver v1.28.4` pod is not reporting the correct imag…