Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

containers devsecops docker go golang hacktoberfest iac infrastructure-as-code kubernetes misconfiguration security security-tools vulnerability vulnerability-detection vulnerability-scanners
31 Open Issues Need Help Last updated: Jul 8, 2026

Open Issues Need Help

View All on GitHub

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
help wanted good first issue kind/feature

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
help wanted good first issue kind/feature scan/sbom

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
help wanted kind/feature

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
help wanted kind/feature priority/backlog

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
help wanted good first issue kind/feature lifecycle/frozen

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
help wanted kind/feature target/filesystem

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
kind/bug help wanted scan/license

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
kind/bug help wanted good first issue scan/vulnerability

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
good first issue kind/feature scan/misconfiguration

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
good first issue kind/feature scan/misconfiguration

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners

AI Summary: The client/server documentation for the `version` endpoint displays an outdated example response. The current example includes `JavaDB` and `PolicyBundle`, which are no longer returned by the server since #10075, as these are now handled client-side. The documentation needs to be updated to reflect the server's current response, which only contains `VulnerabilityDB` information.

Complexity: 1/5
good first issue kind/documentation

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
help wanted kind/feature scan/vulnerability target/filesystem

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
good first issue kind/feature scan/misconfiguration

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
help wanted good first issue kind/cleanup

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
help wanted scan/secret

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
kind/bug help wanted good first issue

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
help wanted good first issue kind/documentation

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
help wanted good first issue

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
kind/bug help wanted good first issue scan/license

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
Support Fedora 10 months ago
help wanted kind/feature priority/backlog scan/vulnerability

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
help wanted good first issue kind/feature

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners
help wanted good first issue kind/feature

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners

AI Summary: This task involves adding support for AlmaLinux 10 to the Trivy vulnerability scanner. This requires updating the vulnerability database (`vuln-list-update`) to include AlmaLinux 10 advisories, rebuilding the Trivy database (`trivy-db`), and finally updating the Trivy scanner itself to correctly identify and report vulnerabilities in AlmaLinux 10 images. The process involves using various command-line tools and potentially interacting with a BoltDB database.

Complexity: 4/5
help wanted good first issue kind/feature scan/vulnerability

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners

AI Summary: The task is to fix a bug in Trivy's RPM package analyzer where it fails to correctly parse epoch information from RPM entries within the `/var/lib/rpmmanifest/container-manifest-2` file. This requires modifying the `rpmqa.go` file to ensure accurate parsing of epoch data from RPM metadata.

Complexity: 4/5
kind/bug help wanted good first issue

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners

AI Summary: The task requires modifying Trivy's license ignore functionality. Currently, Trivy only ignores licenses matching the exact SPDX expression. This issue proposes enhancing it to ignore licenses if all individual SPDX IDs within an expression are present in the ignore list. This involves validating SPDX expressions, splitting them into individual IDs, and using Trivy's existing license matching function for both individual IDs and the full expression.

Complexity: 4/5
help wanted kind/feature scan/license

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go
#containers#devsecops#docker#go#golang#hacktoberfest#iac#infrastructure-as-code#kubernetes#misconfiguration#security#security-tools#vulnerability#vulnerability-detection#vulnerability-scanners