TechQA.

Trivy Scan failed on Qcow2 Image

539 views Asked by At

I am trying to scan the qcow2 image using Trivy, but it's failing the test ?

trivy --debug fs /home/user/fedora32_image.qcow2
2021-04-13T14:01:53.535-0700 DEBUG Severities: UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
2021-04-13T14:01:53.557-0700 DEBUG cache dir: /home/user/.cache/trivy
2021-04-13T14:01:53.558-0700 DEBUG DB update was skipped because DB is the latest
2021-04-13T14:01:53.558-0700 DEBUG DB Schema: 1, Type: 1, UpdatedAt: 2021-04-13 12:07:40.493338704 +0000 UTC, NextUpdate: 2021-04-14 00:07:40.493338404 +0000 UTC, DownloadedAt: 2021-04-13 17:17:26.74233259 +0000 UTC
2021-04-13T14:01:53.558-0700 DEBUG Vulnerability type: [os library]
2021-04-13T14:01:53.624-0700 DEBUG Artifact ID: sha256:3404e98968ad338dc60ef74c0dd5bdd893478415cd2296b0c265a5650b3ae4d6
2021-04-13T14:01:53.624-0700 DEBUG Blob IDs: [sha256:3404e98968ad338dc60ef74c0dd5bdd893478415cd2296b0c265a5650b3ae4d6]
2021-04-13T14:01:53.624-0700 WARN OS is not detected and vulnerabilities in OS packages are not detected.
2021-04-13T14:01:53.624-0700 INFO Trivy skips scanning programming language libraries because no supported file was detected

Any advice on debugging?

linux kubernetes virtual-machine qemu trivy
Original Q&A
1

There are 1 answers

3
coderanger On

Trivy's fs mode needs an actual unpacked filesystem to read. You could mount that disk image and that point Trivy at it, or run Trivy from inside the VM. The only packed image formats it understands are containers since it's mostly a container tool.

Related Questions in LINUX

Related Questions in KUBERNETES

Related Questions in VIRTUAL-MACHINE

Related Questions in QEMU

Related Questions in TRIVY

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions