[Bug] Trivy Image Scanning Issue #5420

AshkanRafiee · 2023-10-21T08:09:26Z

AshkanRafiee
Oct 21, 2023

Description

I am reporting a bug that I encountered when using Trivy for image scanning.

Desired Behavior

I expected Trivy to complete the image scanning process without errors.

Actual Behavior

The scan process failed with the following error message:
2023-10-21T10:11:20.240+0330 FATAL image scan error: scan error: scan failed: failed analysis: analyze error: pipeline error: failed to analyze layer (sha256:blablabla): walk error: failed to process the file: failed to analyze file: failed to analyze usr/lib/gcc/x86_64-linux-gnu/12/cc1: unable to open usr/lib/gcc/x86_64-linux-gnu/12/cc1: failed to open: unable to read the file: stream error: stream ID 19; INTERNAL_ERROR; received from peer

Reproduction Steps

1. Run the command provided above with the specified image.
2. Observe the error message as mentioned.
3. After Running the command multiple times, it fixes the problem and the scan finishes with no problem!

Target

Container Image

Scanner

None

Output Format

Table

Mode

Standalone

Debug Output

trivy -d image --ignore-unfixed --scanners secret --severity CRITICAL,HIGH something.example.com/blablabla@sha256:blablabla
2023-10-21T11:19:31.612+0330    DEBUG   Severities: ["CRITICAL" "HIGH"]
2023-10-21T11:19:31.613+0330    DEBUG   Ignore statuses {"statuses": ["unknown","not_affected","affected","under_investigation","will_not_fix","fix_deferred","end_of_life"]}
2023-10-21T11:19:31.616+0330    DEBUG   cache dir:  /home/username/.cache/trivy
2023-10-21T11:19:31.616+0330    INFO    Secret scanning is enabled
2023-10-21T11:19:31.616+0330    INFO    If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2023-10-21T11:19:31.617+0330    INFO    Please see also https://aquasecurity.github.io/trivy/v0.46/docs/scanner/secret/#recommendation for faster secret detection
2023-10-21T11:19:32.159+0330    DEBUG   No secret config detected: trivy-secret.yaml
2023-10-21T11:19:32.160+0330    DEBUG   The nuget packages directory couldn't be found. License search disabled
2023-10-21T11:19:32.161+0330    DEBUG   No secret config detected: trivy-secret.yaml
2023-10-21T11:19:32.186+0330    DEBUG   Image ID: sha256:3d90caaaa6264b0099665a52b8c4c7b98fc7c4564b0be07aaead9307989ed0cf
2023-10-21T11:19:32.186+0330    DEBUG   Diff IDs: [sha256:cb4596cc145400fb1f2aa56d41516b39a366ecdee7bf3f9191116444aacd8c90 sha256:e76afd493130bf69d8b3176ea95c4a837fc478ea912f6f55c31e49ac6a7e4459 sha256:ccda53e16f20d636abec8250964d099b991eda05661551cca33c1702d7ebddce sha256:9eea1b6c828267d4f93cebc1eca56e31d5a50f9f0f5e845165cca03d3894a17b sha256:f081fe9249599e7f92ca0f5ef2b53932741bb69e7e1d763ad1bc98be5c0aa3a5 sha256:ec7977d9799d0836545b9dee969cfea8b17747287171d50fb0e0f53e68505738 sha256:6bf84bf6cad36cee67f43b633db798c507762246424057ee511ad619fe38f891 sha256:767d0e9e723c362f9a14ed3d0a257ae936b132147ffdb257cc5988093a43281b sha256:fdc425c788d71faa02e8f93dfb15784eedf8ced5e147b823b4625020856d12f4 sha256:053a8a216148faa144318c05b65f88bd73828a447ff7d3d5d10c0fe7e94a010c sha256:52b730379c7eca1bef0b29af42d91ebf7086da015e6577e808083665134a5284 sha256:96f447d1966f70101c39fa7db5aa89c1f850be27e580a3b85230f3faa0367c8c sha256:9b3a1adc1b0ad4f5caede3986e91fcd9bdd9b7482dfda2401b059645a45b84ad sha256:2bff614496bd6bd6cf7ef27289eafd4b87c742ddb410e3433d1924a382c3673a sha256:fb0a4969ffd45d31421d83fd412282ed1a6821db32f9b0165c1ce9607946630f sha256:8f968375580cb7ef287ecb9b4bffe59aa51be713294d6be913878a5dbe2372f9 sha256:2fa3accc965a4108195700aff2fc4770e136ee6723467c931836b3ab9dd915d7]
2023-10-21T11:19:32.186+0330    DEBUG   Base Layers: [sha256:cb4596cc145400fb1f2aa56d41516b39a366ecdee7bf3f9191116444aacd8c90 sha256:e76afd493130bf69d8b3176ea95c4a837fc478ea912f6f55c31e49ac6a7e4459 sha256:ccda53e16f20d636abec8250964d099b991eda05661551cca33c1702d7ebddce sha256:9eea1b6c828267d4f93cebc1eca56e31d5a50f9f0f5e845165cca03d3894a17b sha256:f081fe9249599e7f92ca0f5ef2b53932741bb69e7e1d763ad1bc98be5c0aa3a5]
2023-10-21T11:19:32.202+0330    DEBUG   Missing diff ID in cache: sha256:ccda53e16f20d636abec8250964d099b991eda05661551cca33c1702d7ebddce
2023-10-21T11:19:32.202+0330    DEBUG   Missing diff ID in cache: sha256:f081fe9249599e7f92ca0f5ef2b53932741bb69e7e1d763ad1bc98be5c0aa3a5
2023-10-21T11:19:32.202+0330    DEBUG   Missing diff ID in cache: sha256:9eea1b6c828267d4f93cebc1eca56e31d5a50f9f0f5e845165cca03d3894a17b
2023-10-21T11:19:32.202+0330    DEBUG   Missing diff ID in cache: sha256:cb4596cc145400fb1f2aa56d41516b39a366ecdee7bf3f9191116444aacd8c90
2023-10-21T11:19:32.202+0330    DEBUG   Missing diff ID in cache: sha256:e76afd493130bf69d8b3176ea95c4a837fc478ea912f6f55c31e49ac6a7e4459
2023-10-21T11:19:32.309+0330    DEBUG   Skipping directory: dev
2023-10-21T11:19:32.617+0330    DEBUG   Missing diff ID in cache: sha256:ec7977d9799d0836545b9dee969cfea8b17747287171d50fb0e0f53e68505738
2023-10-21T11:19:32.988+0330    DEBUG   Skipping directory: proc
2023-10-21T11:19:32.988+0330    DEBUG   Skipping directory: sys
2023-10-21T11:19:35.804+0330    DEBUG   Unable to parse "var/lib/dpkg/available" file: file open error: open var/lib/dpkg/available: file does not exist
2023-10-21T11:19:35.821+0330    DEBUG   Missing diff ID in cache: sha256:6bf84bf6cad36cee67f43b633db798c507762246424057ee511ad619fe38f891
2023-10-21T11:19:36.575+0330    DEBUG   Unable to parse "var/lib/dpkg/available" file: file open error: open var/lib/dpkg/available: file does not exist
2023-10-21T11:19:36.582+0330    DEBUG   Missing diff ID in cache: sha256:767d0e9e723c362f9a14ed3d0a257ae936b132147ffdb257cc5988093a43281b
2023-10-21T11:19:39.371+0330    DEBUG   Missing diff ID in cache: sha256:fdc425c788d71faa02e8f93dfb15784eedf8ced5e147b823b4625020856d12f4
2023-10-21T11:19:43.581+0330    DEBUG   Missing diff ID in cache: sha256:053a8a216148faa144318c05b65f88bd73828a447ff7d3d5d10c0fe7e94a010c
2023-10-21T11:19:43.911+0330    DEBUG   Missing diff ID in cache: sha256:52b730379c7eca1bef0b29af42d91ebf7086da015e6577e808083665134a5284
2023-10-21T11:19:44.177+0330    DEBUG   Missing diff ID in cache: sha256:96f447d1966f70101c39fa7db5aa89c1f850be27e580a3b85230f3faa0367c8c
2023-10-21T11:19:44.435+0330    DEBUG   Missing diff ID in cache: sha256:9b3a1adc1b0ad4f5caede3986e91fcd9bdd9b7482dfda2401b059645a45b84ad
2023-10-21T11:20:33.281+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/PIL/_imaging.cpython-311-x86_64-linux-gnu.so) parse error: failed to parse usr/local/lib/python3.11/site-packages/PIL/_imaging.cpython-311-x86_64-linux-gnu.so: failed to parse usr/local/lib/python3.11/site-packages/PIL/_imaging.cpython-311-x86_64-linux-gnu.so: EOF
2023-10-21T11:20:33.282+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/PIL/_imagingcms.cpython-311-x86_64-linux-gnu.so) parse error: failed to parse usr/local/lib/python3.11/site-packages/PIL/_imagingcms.cpython-311-x86_64-linux-gnu.so: failed to parse usr/local/lib/python3.11/site-packages/PIL/_imagingcms.cpython-311-x86_64-linux-gnu.so: EOF
2023-10-21T11:20:33.297+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/PIL/_imagingft.cpython-311-x86_64-linux-gnu.so) parse error: failed to parse usr/local/lib/python3.11/site-packages/PIL/_imagingft.cpython-311-x86_64-linux-gnu.so: failed to parse usr/local/lib/python3.11/site-packages/PIL/_imagingft.cpython-311-x86_64-linux-gnu.so: EOF
2023-10-21T11:20:33.301+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/PIL/_webp.cpython-311-x86_64-linux-gnu.so) parse error: failed to parse usr/local/lib/python3.11/site-packages/PIL/_webp.cpython-311-x86_64-linux-gnu.so: failed to parse usr/local/lib/python3.11/site-packages/PIL/_webp.cpython-311-x86_64-linux-gnu.so: EOF
2023-10-21T11:20:33.311+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/Pillow.libs/libXau-154567c4.so.6.0.0) parse error: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libXau-154567c4.so.6.0.0: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libXau-154567c4.so.6.0.0: EOF
2023-10-21T11:20:33.345+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/Pillow.libs/libbrotlicommon-d48ca5e2.so.1) parse error: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libbrotlicommon-d48ca5e2.so.1: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libbrotlicommon-d48ca5e2.so.1: EOF
2023-10-21T11:20:33.345+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/Pillow.libs/libbrotlidec-4af60061.so.1.0.9) parse error: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libbrotlidec-4af60061.so.1.0.9: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libbrotlidec-4af60061.so.1.0.9: EOF
2023-10-21T11:20:33.501+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/Pillow.libs/libfreetype-a2e077f2.so.6.18.3) parse error: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libfreetype-a2e077f2.so.6.18.3: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libfreetype-a2e077f2.so.6.18.3: EOF
2023-10-21T11:20:33.732+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/Pillow.libs/libharfbuzz-0976d5c6.so.0.50301.0) parse error: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libharfbuzz-0976d5c6.so.0.50301.0: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libharfbuzz-0976d5c6.so.0.50301.0: EOF
2023-10-21T11:20:33.780+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/Pillow.libs/libjpeg-1678c144.so.62.3.0) parse error: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libjpeg-1678c144.so.62.3.0: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libjpeg-1678c144.so.62.3.0: EOF
2023-10-21T11:20:33.829+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/Pillow.libs/liblcms2-92cb876b.so.2.0.13) parse error: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/liblcms2-92cb876b.so.2.0.13: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/liblcms2-92cb876b.so.2.0.13: EOF
2023-10-21T11:20:33.844+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/Pillow.libs/liblzma-c1d09604.so.5.2.7) parse error: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/liblzma-c1d09604.so.5.2.7: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/liblzma-c1d09604.so.5.2.7: EOF
2023-10-21T11:20:33.894+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/Pillow.libs/libopenjp2-8fa4ced9.so.2.5.0) parse error: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libopenjp2-8fa4ced9.so.2.5.0: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libopenjp2-8fa4ced9.so.2.5.0: EOF
2023-10-21T11:20:33.920+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/Pillow.libs/libpng16-74de970d.so.16.38.0) parse error: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libpng16-74de970d.so.16.38.0: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libpng16-74de970d.so.16.38.0: EOF
2023-10-21T11:20:33.967+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/Pillow.libs/libtiff-e8d4c6df.so.5.8.0) parse error: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libtiff-e8d4c6df.so.5.8.0: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libtiff-e8d4c6df.so.5.8.0: EOF
2023-10-21T11:20:34.054+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/Pillow.libs/libwebp-085543a6.so.7.1.5) parse error: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libwebp-085543a6.so.7.1.5: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libwebp-085543a6.so.7.1.5: EOF
2023-10-21T11:20:34.058+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/Pillow.libs/libwebpdemux-820daabd.so.2.0.11) parse error: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libwebpdemux-820daabd.so.2.0.11: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libwebpdemux-820daabd.so.2.0.11: EOF
2023-10-21T11:20:34.062+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/Pillow.libs/libwebpmux-40783abb.so.3.0.10) parse error: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libwebpmux-40783abb.so.3.0.10: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libwebpmux-40783abb.so.3.0.10: EOF
2023-10-21T11:20:34.076+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/Pillow.libs/libxcb-07618c2c.so.1.1.0) parse error: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libxcb-07618c2c.so.1.1.0: failed to parse usr/local/lib/python3.11/site-packages/Pillow.libs/libxcb-07618c2c.so.1.1.0: EOF
2023-10-21T11:20:46.738+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/google_crc32c/_crc32c.cpython-311-x86_64-linux-gnu.so) parse error: failed to parse usr/local/lib/python3.11/site-packages/google_crc32c/_crc32c.cpython-311-x86_64-linux-gnu.so: failed to parse usr/local/lib/python3.11/site-packages/google_crc32c/_crc32c.cpython-311-x86_64-linux-gnu.so: EOF
2023-10-21T11:20:46.744+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/google_crc32c.libs/libcrc32c-7ebc40c5.so.1.1.0) parse error: failed to parse usr/local/lib/python3.11/site-packages/google_crc32c.libs/libcrc32c-7ebc40c5.so.1.1.0: failed to parse usr/local/lib/python3.11/site-packages/google_crc32c.libs/libcrc32c-7ebc40c5.so.1.1.0: EOF
2023-10-21T11:20:58.570+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libcom_err-2abe824b.so.2.1) parse error: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libcom_err-2abe824b.so.2.1: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libcom_err-2abe824b.so.2.1: EOF
2023-10-21T11:20:59.076+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libcrypto-2ade47cd.so.1.1) parse error: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libcrypto-2ade47cd.so.1.1: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libcrypto-2ade47cd.so.1.1: EOF
2023-10-21T11:20:59.107+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libgssapi_krb5-497db0c6.so.2.2) parse error: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libgssapi_krb5-497db0c6.so.2.2: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libgssapi_krb5-497db0c6.so.2.2: EOF
2023-10-21T11:20:59.134+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libk5crypto-b1f99d5c.so.3.1) parse error: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libk5crypto-b1f99d5c.so.3.1: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libk5crypto-b1f99d5c.so.3.1: EOF
2023-10-21T11:20:59.140+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libkeyutils-dfe70bd6.so.1.5) parse error: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libkeyutils-dfe70bd6.so.1.5: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libkeyutils-dfe70bd6.so.1.5: EOF
2023-10-21T11:20:59.251+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libkrb5-6824148d.so.3.3) parse error: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libkrb5-6824148d.so.3.3: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libkrb5-6824148d.so.3.3: EOF
2023-10-21T11:20:59.254+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libkrb5support-f4e34ad2.so.0.1) parse error: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libkrb5support-f4e34ad2.so.0.1: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libkrb5support-f4e34ad2.so.0.1: EOF
2023-10-21T11:20:59.263+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/liblber-2-f65b1f9f.4.so.2.11.7) parse error: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/liblber-2-f65b1f9f.4.so.2.11.7: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/liblber-2-f65b1f9f.4.so.2.11.7: EOF
2023-10-21T11:20:59.303+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libldap_r-2-f56d324d.4.so.2.11.7) parse error: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libldap_r-2-f56d324d.4.so.2.11.7: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libldap_r-2-f56d324d.4.so.2.11.7: EOF
2023-10-21T11:20:59.347+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libpcre-9513aab5.so.1.2.0) parse error: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libpcre-9513aab5.so.1.2.0: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libpcre-9513aab5.so.1.2.0: EOF
2023-10-21T11:20:59.381+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libpq-e85f78f2.so.5.15) parse error: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libpq-e85f78f2.so.5.15: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libpq-e85f78f2.so.5.15: EOF
2023-10-21T11:20:59.406+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libsasl2-0f265e47.so.3.0.0) parse error: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libsasl2-0f265e47.so.3.0.0: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libsasl2-0f265e47.so.3.0.0: EOF
2023-10-21T11:20:59.429+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libselinux-0922c95c.so.1) parse error: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libselinux-0922c95c.so.1: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libselinux-0922c95c.so.1: EOF
2023-10-21T11:20:59.502+0330    DEBUG   Analysis error: go binary (filepath: usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libssl-3a880ada.so.1.1) parse error: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libssl-3a880ada.so.1.1: failed to parse usr/local/lib/python3.11/site-packages/psycopg2_binary.libs/libssl-3a880ada.so.1.1: EOF
2023-10-21T11:21:04.891+0330    DEBUG   Missing diff ID in cache: sha256:2bff614496bd6bd6cf7ef27289eafd4b87c742ddb410e3433d1924a382c3673a
2023-10-21T11:21:05.236+0330    DEBUG   Missing diff ID in cache: sha256:fb0a4969ffd45d31421d83fd412282ed1a6821db32f9b0165c1ce9607946630f
2023-10-21T11:21:05.511+0330    DEBUG   Missing diff ID in cache: sha256:8f968375580cb7ef287ecb9b4bffe59aa51be713294d6be913878a5dbe2372f9
2023-10-21T11:21:05.594+0330    DEBUG   Unable to parse "var/lib/dpkg/available" file: file open error: open var/lib/dpkg/available: file does not exist
2023-10-21T11:21:05.600+0330    DEBUG   Missing diff ID in cache: sha256:2fa3accc965a4108195700aff2fc4770e136ee6723467c931836b3ab9dd915d7
2023-10-21T11:22:17.932+0330    FATAL   image scan error:
    github.com/aquasecurity/trivy/pkg/commands/artifact.Run
        github.com/aquasecurity/trivy/pkg/commands/artifact/run.go:424
  - scan error:
    github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scanArtifact
        github.com/aquasecurity/trivy/pkg/commands/artifact/run.go:268
  - scan failed:
    github.com/aquasecurity/trivy/pkg/commands/artifact.scan
        github.com/aquasecurity/trivy/pkg/commands/artifact/run.go:685
  - failed analysis:
    github.com/aquasecurity/trivy/pkg/scanner.Scanner.ScanArtifact
        github.com/aquasecurity/trivy/pkg/scanner/scan.go:147
  - analyze error:
    github.com/aquasecurity/trivy/pkg/fanal/artifact/image.Artifact.Inspect
        github.com/aquasecurity/trivy/pkg/fanal/artifact/image/image.go:139
  - pipeline error:
    github.com/aquasecurity/trivy/pkg/fanal/artifact/image.Artifact.inspect
        github.com/aquasecurity/trivy/pkg/fanal/artifact/image/image.go:243
  - failed to analyze layer (sha256:ec7977d9799d0836545b9dee969cfea8b17747287171d50fb0e0f53e68505738):
    github.com/aquasecurity/trivy/pkg/fanal/artifact/image.Artifact.inspect.func1
        github.com/aquasecurity/trivy/pkg/fanal/artifact/image/image.go:230
  - walk error:
    github.com/aquasecurity/trivy/pkg/fanal/artifact/image.Artifact.inspectLayer
        github.com/aquasecurity/trivy/pkg/fanal/artifact/image/image.go:304
  - failed to extract the archive:
    github.com/aquasecurity/trivy/pkg/fanal/walker.LayerTar.Walk
        github.com/aquasecurity/trivy/pkg/fanal/walker/tar.go:48
  - stream error: stream ID 19; INTERNAL_ERROR; received from peer

Operating System

Ubuntu 2204

Version

Version: 0.46.0
Vulnerability DB:
  Version: 2
  UpdatedAt: 2023-10-21 06:16:33.942772363 +0000 UTC
  NextUpdate: 2023-10-21 12:16:33.942771963 +0000 UTC
  DownloadedAt: 2023-10-21 06:28:29.977546343 +0000 UTC
Java DB:
  Version: 1
  UpdatedAt: 2023-10-21 01:04:48.607832127 +0000 UTC
  NextUpdate: 2023-10-24 01:04:48.607831727 +0000 UTC
  DownloadedAt: 2023-10-21 06:33:08.263405422 +0000 UTC

Checklist

Run trivy image --reset
Read the troubleshooting

AshkanRafiee · 2023-10-21T08:12:36Z

AshkanRafiee
Oct 21, 2023
Author

The occurrence is consistent across both the secret and vulnerability scanners. Remarkably, it sporadically resolves itself after repeated attempts, only to reoccur upon executing the 'trivy image --reset' command.

0 replies

DmitriyLewen · 2023-10-23T03:22:30Z

DmitriyLewen
Oct 23, 2023
Maintainer

Hello @AshkanRafiee
Thanks for your report!

Can you share your image to investigate this problem?

And 1 more question - do you use local or remote image?

Regards, Dmitriy

1 reply

nikpivkin Oct 24, 2023
Maintainer

@DmitriyLewen I think it's related #5345

AshkanRafiee · 2023-10-24T08:52:04Z

AshkanRafiee
Oct 24, 2023
Author

Hi, @DmitriyLewen
I regret that I am unable to provide the image as it contains sensitive information. However, I can describe the testing scenarios I performed. I conducted tests on both local and remote scanning processes. During the local scan, I encountered no issues. It is worth noting that I initiated each local scan by running 'trivy image --reset' to ensure a fresh start for every attempt. To further validate the results, I repeated the local scan multiple times (approximately 2-3 iterations), and the issue did not manifest.

Conversely, during remote scanning, the problem surfaced during the initial scan. However, upon subsequent scans without executing the 'reset' command, the issue appeared to resolve itself, and the scans were successfully completed without errors.

3 replies

DmitriyLewen Oct 24, 2023
Maintainer

okay, I have a few ideas.
Can you tell me what file types (languages) your image includes?

DmitriyLewen Oct 24, 2023
Maintainer

have you tried scanning an image without a “secret” scanner?

AshkanRafiee Oct 24, 2023
Author

My base image is 'node:18-alpine,' and it's important to note that the error does not occur within the base image itself. Within this environment, I utilize npm, yarn, and apk as package managers. The project consists of a React application, Node.js packages, TypeScript files, and JavaScript files.

I encountered this issue while configuring the '--scanners' option to use 'vuln.' I also made attempts to address the problem by using the '--offline-scan' option, but the results remained consistent.

Here is Another Debugging data from another image:

trivy -d image --ignore-unfixed --severity CRITICAL,HIGH --offline-scan --scanners vuln docker.somewhere.dev/something@sha256:blablabla
2023-10-24T12:42:37.821+0330    DEBUG   Severities: ["CRITICAL" "HIGH"]
2023-10-24T12:42:37.822+0330    DEBUG   Ignore statuses {"statuses": ["unknown","not_affected","affected","under_investigation","will_not_fix","fix_deferred","end_of_life"]}
2023-10-24T12:42:37.831+0330    DEBUG   cache dir:  /home/username/.cache/trivy
2023-10-24T12:42:37.831+0330    DEBUG   There is no valid metadata file: unable to open a file: open /home/username/.cache/trivy/db/metadata.json: no such file or directory
2023-10-24T12:42:37.831+0330    INFO    Need to update DB
2023-10-24T12:42:37.831+0330    INFO    DB Repository: ghcr.io/aquasecurity/trivy-db
2023-10-24T12:42:37.831+0330    INFO    Downloading DB...
2023-10-24T12:42:37.832+0330    DEBUG   no metadata file
40.64 MiB / 40.64 MiB [----------------------------------------------------------------------------------------------------------------------] 100.00% 3.41 MiB p/s 12s
2023-10-24T12:42:51.648+0330    DEBUG   Updating database metadata...
2023-10-24T12:42:51.648+0330    DEBUG   DB Schema: 2, UpdatedAt: 2023-10-24 06:21:07.363121077 +0000 UTC, NextUpdate: 2023-10-24 12:21:07.363120777 +0000 UTC, DownloadedAt: 2023-10-24 09:12:51.648580602 +0000 UTC
2023-10-24T12:42:51.648+0330    INFO    Vulnerability scanning is enabled
2023-10-24T12:42:51.649+0330    DEBUG   Vulnerability type:  [os library]
2023-10-24T12:42:52.235+0330    DEBUG   The nuget packages directory couldn't be found. License search disabled
2023-10-24T12:42:52.275+0330    DEBUG   Image ID: sha256:2948c02f5c11e72fd4fdb28ce8ee2eef1416c37c5023c4d8799d43d710b3f6b3
2023-10-24T12:42:52.275+0330    DEBUG   Diff IDs: [sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 sha256:b4d059375c501a7c27bb978f73880b97c529647f8172e8e1d0798afd9feda732 sha256:f845afce9f520cf26f019ca48e7f842af34d5a40197844707512d26c0c5a5b84 sha256:ba0c1f87d7a9b66d76281c01863b0e0778d0f5729a686cbd69a343d3b1d33331 sha256:cbff4d826b37a56655b9bb64ee65313a8889707910c3b56b593a3a972bd1bc43 sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef sha256:43d07085e70c6d08ad73279c7099a95ce88b34b9a9ca8f21d1aaf80cdc4b8915 sha256:407ec839147efb730d9cdb06a0e4bc853e1d40e60a592def75de5b19018704eb sha256:174a4cc238fcc0a448e0d433bf0bc417f6aff9e03e1fabe1e9629f270df77086 sha256:2cdf10d94f7df52c0acbd19e71844a9243064b046cfdda467a4bad251e6477ee sha256:1f15aa9cd3bf42188daca4be2f6712a0a6e94a22a93f3ad536713ccca8b75642 sha256:9d0aa043ea322a0604fa2ffe6d3a53d617ada5ba33b8cf6e747bec941e00a21f sha256:19c555ccad7408672e6a555fdabea8b0de3a3f066751c71e062844fb2363157d sha256:64ba88bbc4083adbe4a260b59e6644df1e2134fb65e771cb9d2f679c48ad2295 sha256:bdf980b38c8404ac09fc45ac98551bf22ee6007738408209e9636e065e0bce50 sha256:0776d0e71894e08458fd2721f568b1d394dee9d1e908f78143b4be803c966ccc sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef sha256:9eae58491b06e3b4a1e4d9cd97864d2e60e072e083d12193fe423e2626a0befe sha256:623c135a48d5695e495131611912f85b4a197985df3bbdc1dd6a0b44fbbb484f]
2023-10-24T12:42:52.276+0330    DEBUG   Base Layers: [sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 sha256:b4d059375c501a7c27bb978f73880b97c529647f8172e8e1d0798afd9feda732 sha256:f845afce9f520cf26f019ca48e7f842af34d5a40197844707512d26c0c5a5b84 sha256:ba0c1f87d7a9b66d76281c01863b0e0778d0f5729a686cbd69a343d3b1d33331]
2023-10-24T12:42:52.276+0330    DEBUG   Missing image ID in cache: sha256:2948c02f5c11e72fd4fdb28ce8ee2eef1416c37c5023c4d8799d43d710b3f6b3
2023-10-24T12:42:52.276+0330    DEBUG   Missing diff ID in cache: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438
2023-10-24T12:42:52.276+0330    DEBUG   Missing diff ID in cache: sha256:cbff4d826b37a56655b9bb64ee65313a8889707910c3b56b593a3a972bd1bc43
2023-10-24T12:42:52.276+0330    DEBUG   Missing diff ID in cache: sha256:f845afce9f520cf26f019ca48e7f842af34d5a40197844707512d26c0c5a5b84
2023-10-24T12:42:52.276+0330    DEBUG   Missing diff ID in cache: sha256:ba0c1f87d7a9b66d76281c01863b0e0778d0f5729a686cbd69a343d3b1d33331
2023-10-24T12:42:52.276+0330    DEBUG   Missing diff ID in cache: sha256:b4d059375c501a7c27bb978f73880b97c529647f8172e8e1d0798afd9feda732
2023-10-24T12:42:52.297+0330    DEBUG   Missing diff ID in cache: sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef
2023-10-24T12:42:52.455+0330    DEBUG   Skipping directory: dev
2023-10-24T12:42:52.639+0330    DEBUG   Missing diff ID in cache: sha256:43d07085e70c6d08ad73279c7099a95ce88b34b9a9ca8f21d1aaf80cdc4b8915
2023-10-24T12:42:52.644+0330    DEBUG   Missing diff ID in cache: sha256:407ec839147efb730d9cdb06a0e4bc853e1d40e60a592def75de5b19018704eb
2023-10-24T12:42:53.251+0330    DEBUG   Skipping directory: proc
2023-10-24T12:42:53.261+0330    DEBUG   Skipping directory: sys
2023-10-24T12:42:53.306+0330    DEBUG   Missing diff ID in cache: sha256:174a4cc238fcc0a448e0d433bf0bc417f6aff9e03e1fabe1e9629f270df77086
2023-10-24T12:42:53.646+0330    DEBUG   Missing diff ID in cache: sha256:2cdf10d94f7df52c0acbd19e71844a9243064b046cfdda467a4bad251e6477ee
2023-10-24T12:42:53.919+0330    DEBUG   Missing diff ID in cache: sha256:1f15aa9cd3bf42188daca4be2f6712a0a6e94a22a93f3ad536713ccca8b75642
2023-10-24T12:42:54.183+0330    DEBUG   Missing diff ID in cache: sha256:9d0aa043ea322a0604fa2ffe6d3a53d617ada5ba33b8cf6e747bec941e00a21f
2023-10-24T12:42:54.576+0330    DEBUG   Missing diff ID in cache: sha256:19c555ccad7408672e6a555fdabea8b0de3a3f066751c71e062844fb2363157d
2023-10-24T12:42:54.592+0330    DEBUG   Missing diff ID in cache: sha256:64ba88bbc4083adbe4a260b59e6644df1e2134fb65e771cb9d2f679c48ad2295
2023-10-24T12:42:54.819+0330    DEBUG   Missing diff ID in cache: sha256:bdf980b38c8404ac09fc45ac98551bf22ee6007738408209e9636e065e0bce50
2023-10-24T12:42:54.852+0330    DEBUG   Missing diff ID in cache: sha256:0776d0e71894e08458fd2721f568b1d394dee9d1e908f78143b4be803c966ccc
2023-10-24T12:43:07.934+0330    DEBUG   Missing diff ID in cache: sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef
2023-10-24T12:43:08.304+0330    DEBUG   Missing diff ID in cache: sha256:9eae58491b06e3b4a1e4d9cd97864d2e60e072e083d12193fe423e2626a0befe
2023-10-24T12:43:08.990+0330    DEBUG   Missing diff ID in cache: sha256:623c135a48d5695e495131611912f85b4a197985df3bbdc1dd6a0b44fbbb484f
2023-10-24T12:43:29.499+0330    DEBUG   Analysis error: failed to parse home/node/app/node_modules/eslint-plugin-react/node_modules/resolve/test/resolver/malformed_package_json/package.json: failed to parse home/node/app/node_modules/eslint-plugin-react/node_modules/resolve/test/resolver/malformed_package_json/package.json: JSON decode error: unexpected EOF
2023-10-24T12:43:36.361+0330    DEBUG   Analysis error: failed to parse home/node/app/node_modules/resolve/test/resolver/malformed_package_json/package.json: failed to parse home/node/app/node_modules/resolve/test/resolver/malformed_package_json/package.json: JSON decode error: unexpected EOF
2023-10-24T12:45:58.481+0330    DEBUG   Analysis error: failed to parse usr/local/share/.cache/yarn/v6/npm-resolve-1.22.2-0ed0943d4e301867955766c9f3e1ae6d01c6845f-integrity/node_modules/resolve/test/resolver/malformed_package_json/package.json: failed to parse usr/local/share/.cache/yarn/v6/npm-resolve-1.22.2-0ed0943d4e301867955766c9f3e1ae6d01c6845f-integrity/node_modules/resolve/test/resolver/malformed_package_json/package.json: JSON decode error: unexpected EOF
2023-10-24T12:45:58.489+0330    DEBUG   Analysis error: failed to parse usr/local/share/.cache/yarn/v6/npm-resolve-2.0.0-next.4-3d37a113d6429f496ec4752d2a2e58efb1fd4660-integrity/node_modules/resolve/test/resolver/malformed_package_json/package.json: failed to parse usr/local/share/.cache/yarn/v6/npm-resolve-2.0.0-next.4-3d37a113d6429f496ec4752d2a2e58efb1fd4660-integrity/node_modules/resolve/test/resolver/malformed_package_json/package.json: JSON decode error: unexpected EOF
2023-10-24T12:47:12.509+0330    FATAL   image scan error:
    github.com/aquasecurity/trivy/pkg/commands/artifact.Run
        github.com/aquasecurity/trivy/pkg/commands/artifact/run.go:424
  - scan error:
    github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scanArtifact
        github.com/aquasecurity/trivy/pkg/commands/artifact/run.go:268
  - scan failed:
    github.com/aquasecurity/trivy/pkg/commands/artifact.scan
        github.com/aquasecurity/trivy/pkg/commands/artifact/run.go:685
  - failed analysis:
    github.com/aquasecurity/trivy/pkg/scanner.Scanner.ScanArtifact
        github.com/aquasecurity/trivy/pkg/scanner/scan.go:147
  - analyze error:
    github.com/aquasecurity/trivy/pkg/fanal/artifact/image.Artifact.Inspect
        github.com/aquasecurity/trivy/pkg/fanal/artifact/image/image.go:139
  - pipeline error:
    github.com/aquasecurity/trivy/pkg/fanal/artifact/image.Artifact.inspect
        github.com/aquasecurity/trivy/pkg/fanal/artifact/image/image.go:243
  - failed to analyze layer (sha256:623c135a48d5695e495131611912f85b4a197985df3bbdc1dd6a0b44fbbb484f):
    github.com/aquasecurity/trivy/pkg/fanal/artifact/image.Artifact.inspect.func1
        github.com/aquasecurity/trivy/pkg/fanal/artifact/image/image.go:230
  - walk error:
    github.com/aquasecurity/trivy/pkg/fanal/artifact/image.Artifact.inspectLayer
        github.com/aquasecurity/trivy/pkg/fanal/artifact/image/image.go:304
  - failed to extract the archive:
    github.com/aquasecurity/trivy/pkg/fanal/walker.LayerTar.Walk
        github.com/aquasecurity/trivy/pkg/fanal/walker/tar.go:48
  - stream error: stream ID 45; INTERNAL_ERROR; received from peer

DmitriyLewen · 2023-10-25T03:14:31Z

DmitriyLewen
Oct 25, 2023
Maintainer

Created #5440 for this issue.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Bug] Trivy Image Scanning Issue #5420

{{title}}

Replies: 4 comments 4 replies

{{title}}

{{title}}

{{editor}}'s edit

{{editor}}'s edit

{{title}}

{{title}}

{{title}}

{{title}}

{{title}}

{{title}}

Select a reply

[Bug] Trivy Image Scanning Issue #5420

AshkanRafiee Oct 21, 2023

Description

Desired Behavior

Actual Behavior

Reproduction Steps

Target

Scanner

Output Format

Mode

Debug Output

Operating System

Version

Checklist

Replies: 4 comments · 4 replies

AshkanRafiee Oct 21, 2023 Author

DmitriyLewen Oct 23, 2023 Maintainer

nikpivkin Oct 24, 2023 Maintainer

AshkanRafiee Oct 24, 2023 Author

DmitriyLewen Oct 24, 2023 Maintainer

DmitriyLewen Oct 24, 2023 Maintainer

AshkanRafiee Oct 24, 2023 Author

DmitriyLewen Oct 25, 2023 Maintainer

AshkanRafiee
Oct 21, 2023

Replies: 4 comments 4 replies

AshkanRafiee
Oct 21, 2023
Author

DmitriyLewen
Oct 23, 2023
Maintainer

nikpivkin Oct 24, 2023
Maintainer

AshkanRafiee
Oct 24, 2023
Author

DmitriyLewen Oct 24, 2023
Maintainer

DmitriyLewen Oct 24, 2023
Maintainer

AshkanRafiee Oct 24, 2023
Author

DmitriyLewen
Oct 25, 2023
Maintainer