Y
Hacker News
new
|
ask
|
show
|
jobs
by
staticassertion
87 days ago
You only need internet access to grab the image, I don't think trivy requires internet access itself. All of my image scanning tools run in isolation.
1 comments
mkesper
86 days ago
It needs internet access for upgrading the check bundle and for full Java library resolution (pom.xml). See e.g.
https://github.com/aquasecurity/trivy/discussions/9698
link
staticassertion
86 days ago
Nice, thanks! Yeah, so exfil is definitely still a thing to watch out for, even if you run in an unprivileged env.
link