Scanning Oracle Linux Image #1403
Answered
by
afdesk
alexanderkiel
asked this question in
Q&A
-
I question whether Trivy scans Oracle Linux 8.5 correctly. If I do it, I get zero vulnerabilities: % trivy image oraclelinux:8.5 | head
2021-11-19T17:28:16.843+0100 INFO Detected OS: oracle
2021-11-19T17:28:16.843+0100 INFO Detecting Oracle Linux vulnerabilities...
2021-11-19T17:28:16.849+0100 INFO Number of language-specific files: 0
oraclelinux:8.5 (oracle 8.5)
============================
Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) However the previous version 8.4 had the following vulnerabilities: % trivy image oraclelinux:8.4 | head
2021-11-19T17:25:23.360+0100 INFO Detected OS: oracle
2021-11-19T17:25:23.360+0100 INFO Detecting Oracle Linux vulnerabilities...
2021-11-19T17:25:23.371+0100 INFO Number of language-specific files: 0
oraclelinux:8.4 (oracle 8.4)
============================
Total: 76 (UNKNOWN: 0, LOW: 10, MEDIUM: 33, HIGH: 22, CRITICAL: 11) Is it possible that Oracle fixed every single vulnerability or does Trivy have issues with the newest version? |
Beta Was this translation helpful? Give feedback.
Answered by
afdesk
Nov 24, 2021
Replies: 1 comment
-
Hi @alexanderkiel! it seems that You can take a look at my tests in comments here: issues/1405 |
Beta Was this translation helpful? Give feedback.
0 replies
Answer selected by
alexanderkiel
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi @alexanderkiel!
thanks for your report.
it seems that
trivy
currently contains no information about vulnerabilities in the imageoraclelinux:8.5
.You can take a look at my tests in comments here: issues/1405