Q & A

[gideonekpenyong00-dot]

Question

Hi Aqua Security team,

I’m a beginner in web3 and container security, and I’m really impressed by Trivy’s capabilities. I’ve gone through some of the documentation and I’m curious about how to use it effectively in real-world scenarios.

I have a few questions:

1. How do you prioritize scanning vulnerabilities vs misconfigurations when using Trivy?

2. What are the common mistakes or pitfalls beginners should avoid when running Trivy scans?

3. Are there specific settings or flags you recommend for new users to get the most accurate results?

4. Can Trivy be easily integrated into CI/CD pipelines, and if so, are there best practices for that?

5. Are there advanced features or hidden tips that beginners might overlook but are critical for security?

I’d love to hear your guidance so I can use Trivy effectively and securely.

Thanks so much for your time and for building such an amazing tool!

Target

Container Image

Scanner

Vulnerability

Output Format

Table

Mode

Standalone

Operating System

Mac M1 (darwin/arm64).

Version

2026-02-10T02:20:01.123+0100    INFO    Need to update DB
2026-02-10T02:20:02.456+0100    INFO    Detected OS: alpine
2026-02-10T02:20:02.456+0100    INFO    Detecting Alpine vulnerabilities...

python:3.4-alpine (alpine 3.12)
================================

Total: 5 (UNKNOWN: 0, LOW: 1, MEDIUM: 2, HIGH: 2, CRITICAL: 0)

+------------------+----------------+-----------------+-----------------+----------+
| VULNERABILITY ID | PACKAGE NAME   | INSTALLED VER   | FIXED VER       | SEVERITY |
+------------------+----------------+-----------------+-----------------+----------+
| CVE-2021-42392   | musl           | 1.2.2-r0        | 1.2.2-r1        | HIGH     |
| CVE-2021-36159   | bash           | 5.0-r0          | 5.1-r0          | MEDIUM   |
| CVE-2021-33910   | libcrypto      | 1.1.1d-r0       | 1.1.1k-r0       | HIGH     |
| CVE-2021-27645   | busybox        | 1.31.1-r9       | 1.32.0-r0       | MEDIUM   |
| CVE-2021-3490    | apk-tools      | 2.10.5-r1       | 2.10.6-r0       | LOW      |
+------------------+----------------+-----------------+-----------------+----------+