
fluent/fluentd:v1.11-debian-1 security issues

Open sebastianmacarescu opened this issue 5 years ago • 5 comments

Scanning fluent/fluentd:v1.11-debian-1 with AWS ECR Image scanning yields the following vulnerabilities:

  • 2 critical: CVE-2019-19816, CVE-2019-19814
  • 7 high: CVE-2013-7445, CVE-2019-19815, CVE-2020-13974, CVE-2019-19074, CVE-2020-12464, CVE-2019-19813, CVE-2020-10878

Most of them are related to the linux:4.19.118-2 package.

sebastianmacarescu Jul 09 '20 19:07

and that package should NOT be installed AFAIK - at least after build it should not be necessary (it's not like Docker instances run their own kernel :)

KlavsKlavsen Aug 13 '20 06:08
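
The split raised in the comment above, kernel-package findings versus everything else in the image, can be made mechanically from the scan output. This is an added example, not part of the original thread or the fluentd project: it assumes the JSON shape of `aws ecr describe-image-scan-findings` (basic scanning) and that kernel findings carry the package name `linux` as quoted in the issue; the third sample finding is a constructed placeholder.

```python
import json
from collections import defaultdict

# Constructed sample in the shape of `aws ecr describe-image-scan-findings`
# output. The two linux entries reuse CVE ids and the package version quoted
# in the issue; the third finding is a made-up placeholder.
SAMPLE = json.loads("""
{"imageScanFindings": {"findings": [
  {"name": "CVE-2019-19816", "severity": "CRITICAL", "attributes": [
    {"key": "package_name", "value": "linux"},
    {"key": "package_version", "value": "4.19.118-2"}]},
  {"name": "CVE-2019-19814", "severity": "CRITICAL", "attributes": [
    {"key": "package_name", "value": "linux"},
    {"key": "package_version", "value": "4.19.118-2"}]},
  {"name": "EXAMPLE-PLACEHOLDER-0001", "severity": "HIGH", "attributes": [
    {"key": "package_name", "value": "example-lib"},
    {"key": "package_version", "value": "0.0.0"}]}
]}}
""")

# Assumption: the scanner files kernel CVEs under this package name.
KERNEL_PACKAGES = {"linux"}


def triage(doc, kernel_packages=KERNEL_PACKAGES):
    """Split scan findings into kernel-package and userland buckets.

    Returns {"kernel": {...}, "userland": {...}}; each bucket maps
    "package:version" to {severity: [finding names]}.
    """
    buckets = {
        "kernel": defaultdict(lambda: defaultdict(list)),
        "userland": defaultdict(lambda: defaultdict(list)),
    }
    for finding in doc.get("imageScanFindings", {}).get("findings", []):
        attrs = {a["key"]: a["value"] for a in finding.get("attributes", [])}
        pkg = attrs.get("package_name", "unknown")
        ver = attrs.get("package_version", "unknown")
        side = "kernel" if pkg in kernel_packages else "userland"
        severity = finding.get("severity", "UNDEFINED")
        buckets[side][f"{pkg}:{ver}"][severity].append(finding.get("name", "unknown"))
    # Convert nested defaultdicts to plain dicts for printing and comparison.
    return {side: {p: dict(s) for p, s in pkgs.items()}
            for side, pkgs in buckets.items()}


if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE), indent=2))
```

The kernel bucket is the set to check against why a kernel package is present in the image at all; the userland bucket is what a base-image upgrade or rebuild would need to address.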

Is there a plan to upgrade and fix these CVEs please?

flomontl Sep 30 '20 09:09

@sebastianmacarescu were you able to fix this?

g3kr Nov 05 '20 13:11

What is the best base image for Debian Ruby? Currently, we use ruby:2.6-slim-buster. Should it be upgraded to ruby:2.7-slim-buster?

repeatedly Nov 05 '20 14:11

@g3kr No, not yet.

sebastianmacarescu Nov 05 '20 14:11