-
Notifications
You must be signed in to change notification settings - Fork 551
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Grype failed to find vulnerabilities on a vulnerable image #1176
Comments
Attached the full report from trivy |
Same trouble. Try "docker pull vulnerables/web-dvwa" and scan |
Thanks for reporting, we switched over to a new data sync mechanism at the end of last week. The vulnerability data in question (debian 9) hasn't been available from the original upstream source for a while, so we've been leveraging a cache from the last time it had been available. I'll make certain this cache is loaded up into the new data sync approach. |
We've run into this same issue, documented here.
|
|
An update: The PR for the fix is in (currently in a closed source repo unfortunately, but that will change soon). Once merged we'll re-run the data sync and DB builds for today. There will be a time window where the CDN cache wont see the update, however, I'll make certain to drop the direct DB url here for folks that are keen on using the fixed DB ASAP. |
@FrimIdan @Dungeon1 Once the CDN cache is refreshed you should see the updated DB with For the meantime here's the updated DB link directly in case you wanted to use it ASAP:
I'll close this issue once I can see |
Ok, I've confirmed that the latest DB update works with the full |
What happened:
Trying to scan
goodwithtech/test-image:v1
with grype gives no vulnerabilities while with other scanner there are lots of vulnerabilitiesWhat you expected to happen:
Grype should found vulnerabilities in the given image.
How to reproduce it (as minimally and precisely as possible):
Run
grype --add-cpes-if-none goodwithtech/test-image:v1
Anything else we need to know?:
Environment:
grype version
:trivy version
:cat /etc/os-release
or similar): MacOSThe text was updated successfully, but these errors were encountered: