-
### What is your question?
Hi Team/ @sozercan,
I have done patching for bitnami redis image using Copa and while generating vulnerabilities JSON file I am using below command:
`sudo trivy image…
-
Scylla-tools-java uses `guava` version `18.0`. Those dependencies are flagged by security scanners and should be updated.
```
[yaronkaikov@london]~/git/scylla-pkg (releng-3814-trivy-clamav)$ trivy…
-
@madler
It looks like the fix is already in develop: See https://github.com/madler/zlib/pull/843 and https://github.com/madler/zlib/commit/73331a6a0481067628f065ffe87bb1d8f787d10c
We only new a…
-
The currently used kubernetes version has a vulnerability of CVE-2020-8554, whether to consider refactoring the gitops-engine module, upgrade the kubernetes version to 1.26.x or above, and use new fea…
-
AVD-AWS-0177 should point to it's corresponding URL within AVD but instead points to https://avd.aquasec.com/misconfig/n/a which is a different check for cluster deletion prevention.
### Discussed …
-
Hello,
currently latest published image reports following security vulnerabilities:
```
➜ pvc-autoresizer git:(main) ✗ trivy image ghcr.io/topolvm/pvc-autoresizer:0.10.1
2024-01-22T19:02:39.635Z …
-
### Discussed in https://github.com/aquasecurity/trivy/discussions/6061
Originally posted by **levinebw** February 2, 2024
### Description
log4j-core@2.12.4 is not affected by CVE-2020-948…
-
Version bump needed to eliminate CVEs:
```
❯ trivy image enix/x509-certificate-exporter:3.10.1
2023-11-15T20:05:15.824-0600 INFO Vulnerability scanning is enabled
2023-11-15T20:05:15.824-0600 IN…
-
### Describe the bug
Security vulnerability "PRISMA-2023-0056" has been reported because of github.com/sirupsen/logrus
Fix is available in v1.9.3 of github.com/sirupsen/logrus
### To Reproduce
R…
-
GSoC 2024 has been officially announced and the schedule is up here:
https://developers.google.com/open-source/gsoc/timeline
We'll want to have some _viable_ ideas nailed down around the end of Ja…