
Bug: Medium Severity GuardDuty finding for each image vulnerability scan task #6451

Open
2 tasks done
tanmaymohan opened this issue Mar 17, 2025 · 1 comment

@tanmaymohan

📜 Description

While using the Trivy image scanner for Devtron, on each run AWS GuardDuty flags it as a medium severity finding because it is accessing the host Docker socket. Don't know if it's a false positive being raised multiple times or something is going wrong.

👟 Reproduction steps

  1. EKS cluster 1.29 on AWS
  2. Region : ap-south-1
  3. Addon : Amazon GuardDuty EKS Runtime Monitoring Enabled
  4. GuardDuty service enabled at the account level
  5. Run an image scan in a CI step

👍 Expected behavior

Shouldn't trigger a medium vulnerability.

👎 Actual Behavior

Triggers the following:

[Three screenshots of the GuardDuty findings attached to the issue; images not preserved]

☸ Kubernetes version

EKS 1.29

Cloud provider

AWS ap-south-1

🌍 Browser

Chrome

🧱 Your Environment

Chrome browser

✅ Proposed Solution

No response

👀 Have you spent some time to check if this issue has been raised before?

  • I checked and didn't find any similar issue

🏢 Have you read the Code of Conduct?

@tanmaymohan tanmaymohan added bug Something isn't working needs-triage Issue is not approved or ready-to-work on labels Mar 17, 2025
@satyampsoni
Contributor

The container image executes the Trivy container using the command `docker run trivy`. To avoid this issue, you can adjust your Trivy configuration settings to ignore this specific alert.
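An added example, not code from the issue or from the Devtron or Trivy projects: a small Python audit that walks a Kubernetes pod spec and lists which containers mount the host Docker socket, the access pattern the reporter describes GuardDuty flagging during the scan step. Reviewing pod specs this way before deployment lets a team decide whether the mount is intended rather than triaging a runtime finding after each run. The pod specs embedded below are constructed for illustration, and the container, volume and image names in them are hypothetical.

```python
"""Audit a Kubernetes pod spec for host Docker socket mounts.

Added example, not part of the Devtron or Trivy projects. The pod specs
below are constructed for illustration; container, volume and image names
are hypothetical. A container that reaches the host's Docker socket can
control the container runtime on that node, which is why runtime
monitoring treats the access as noteworthy.
"""

# Both spellings matter: on most distributions /var/run is a symlink to /run.
DOCKER_SOCKET_PATHS = {"/var/run/docker.sock", "/run/docker.sock"}


def socket_volume_names(pod):
    """Return the names of pod volumes whose hostPath is the Docker socket."""
    names = set()
    for vol in pod.get("spec", {}).get("volumes", []):
        path = vol.get("hostPath", {}).get("path")
        if path and path.rstrip("/") in DOCKER_SOCKET_PATHS:
            names.add(vol["name"])
    return names


def docker_socket_mounts(pod):
    """List (container name, mountPath) for each container mounting the socket.

    Init containers are included because a CI scan step often runs there.
    """
    socket_vols = socket_volume_names(pod)
    spec = pod.get("spec", {})
    containers = spec.get("containers", []) + spec.get("initContainers", [])
    findings = []
    for container in containers:
        for mount in container.get("volumeMounts", []):
            if mount.get("name") in socket_vols:
                findings.append((container["name"], mount.get("mountPath")))
    return findings


# Constructed sample: a scan pod that mounts the node's Docker socket.
SCAN_POD = {
    "apiVersion": "v1",
    "kind": "Pod",
    "metadata": {"name": "image-scan-example"},
    "spec": {
        "volumes": [
            {"name": "docker-sock", "hostPath": {"path": "/var/run/docker.sock"}},
            {"name": "workspace", "emptyDir": {}},
        ],
        "containers": [
            {
                "name": "image-scanner",
                "image": "example/trivy-runner:hypothetical",
                "volumeMounts": [
                    {"name": "docker-sock", "mountPath": "/var/run/docker.sock"},
                    {"name": "workspace", "mountPath": "/work"},
                ],
            }
        ],
    },
}

# Constructed sample: the same pod with only an emptyDir volume.
CLEAN_POD = {
    "apiVersion": "v1",
    "kind": "Pod",
    "metadata": {"name": "image-scan-clean"},
    "spec": {
        "volumes": [{"name": "workspace", "emptyDir": {}}],
        "containers": [
            {
                "name": "image-scanner",
                "image": "example/trivy-runner:hypothetical",
                "volumeMounts": [{"name": "workspace", "mountPath": "/work"}],
            }
        ],
    },
}


def report(pod):
    """Human-readable summary used when the module is run directly."""
    mounts = docker_socket_mounts(pod)
    name = pod.get("metadata", {}).get("name", "<unnamed>")
    if not mounts:
        return f"{name}: no host Docker socket mounts"
    detail = ", ".join(f"{c} at {p}" for c, p in mounts)
    return f"{name}: host Docker socket mounted by {detail}"


if __name__ == "__main__":
    for pod in (SCAN_POD, CLEAN_POD):
        print(report(pod))
```

The same functions work on a pod dict loaded from YAML or from `kubectl get pod -o json`, since both yield the same `spec.volumes` / `volumeMounts` layout; only the sample dicts are embedded here so the script runs offline.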
