github.com/aquasecurity/trivy (Go) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Go package github.com/aquasecurity/trivy, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2024-35192 — CVSS 5.5 (medium): Trivy is a security scanner. Prior to 0.51.2, if a malicious actor is able to trigger Trivy to scan container images from a crafted…