You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
have you ever tried to use "adoptopenjdk/openjdk11:alpine", "adoptopenjdk/openjdk11:centos", "adoptopenjdk/openjdk11:latest" (ubuntu) as base image (FROM ..)? These images are based on the vendor's base images (e.g. alpine:3.14) and are likely to be more secure.
To explain: Yesterday I started scanning my images for vulnerabilities with SNYK (Docker Scan...). According to SNYK, by switching from alpine:3.12 to alpine:3.14 as a base, I was able to close all vulnerabilities.
Then I noticed that you are using "azul/zulu-openjdk-alpine:jdk11" as the base image.
And unfortunately the makers of this image only use a tar file as a basis. That can include pretty much anything. Then I tried to scan it for vulnerabilities but that fails....
The image may not be secure, but it doesn't have to be. Just wanted to point that out.
Greetings Lasse
The text was updated successfully, but these errors were encountered:
Hi.
have you ever tried to use "adoptopenjdk/openjdk11:alpine", "adoptopenjdk/openjdk11:centos", "adoptopenjdk/openjdk11:latest" (ubuntu) as base image (FROM ..)? These images are based on the vendor's base images (e.g. alpine:3.14) and are likely to be more secure.
To explain: Yesterday I started scanning my images for vulnerabilities with SNYK (Docker Scan...). According to SNYK, by switching from alpine:3.12 to alpine:3.14 as a base, I was able to close all vulnerabilities.
Then I noticed that you are using "azul/zulu-openjdk-alpine:jdk11" as the base image.
And unfortunately the makers of this image only use a tar file as a basis. That can include pretty much anything. Then I tried to scan it for vulnerabilities but that fails....
The image may not be secure, but it doesn't have to be. Just wanted to point that out.
Greetings Lasse
The text was updated successfully, but these errors were encountered: