Hi Srdjan, I'm a developer of Trivy. In my environment, it works well. Also, Trivy looks at a source package name to detect vulnerabilities in the case of Ubuntu, so this bug should not happen. In this case, the source package name is libidn2 in Ubuntu 18.04, not libidn2-0. But I may overlooked something. Let me know the detail here, please. https://github.com/aquasecurity/trivy/issues
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1855768 Title: Ubuntu-security CVE-2019-18224 web page shows incorrect info about libidn2-0 status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1855768/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs