Is Trivy picking up vulnerability CVE-2024-6387 #7090

Closed Answered by knqyf263

jodiejones-moj asked this question in Q&A

jodiejones-moj
Jul 3, 2024

Question

Hi there,

The following vulnerability came to our attention yesterday https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server. Can someone please confirm if Trivy Image Scanning is detecting this vulnerability?

Thanks,
Jodie

Target

Container Image

Scanner

Vulnerability

Output Format

None

Mode

None

Operating System

No response

Version

No response

Answered by knqyf263

Yes, Trivy detects it if OpenSSL is installed via OS package manager, such as dnf and apt.

View full answer

Replies: 1 comment

knqyf263
Jul 4, 2024
Maintainer

Yes, Trivy detects it if OpenSSL is installed via OS package manager, such as dnf and apt.

0 replies

Answer selected by knqyf263

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment