fluentd-kubernetes-daemonset
fluentd-kubernetes-daemonset copied to clipboard
Image vulnerabilities on fluentd-kubernetes-daemonset:v1.16.3-debian-opensearch-2.1
Describe the bug
Hello,
the released images have a lot of vulnerabilities (including critical and high ones):
total - 18, critical - 0, high - 1, medium - 1, low - 16 Vulnerability threshold check results: PASS
Compliance Issues +----------+------------------------------------------------------------------------+ | SEVERITY | DESCRIPTION | +----------+------------------------------------------------------------------------+ | high | (CIS_Docker_v1.5.0 - 4.1) Image should be created with a non-root user | +----------+------------------------------------------------------------------------+ | high | Private keys stored in image | +----------+------------------------------------------------------------------------+
I suppose that most of them are present in the base image that you are using. Can you update it to include all the security fixes?
To Reproduce
total - 18, critical - 0, high - 1, medium - 1, low - 16 Vulnerability threshold check results: PASS
Compliance Issues +----------+------------------------------------------------------------------------+ | SEVERITY | DESCRIPTION | +----------+------------------------------------------------------------------------+ | high | (CIS_Docker_v1.5.0 - 4.1) Image should be created with a non-root user | +----------+------------------------------------------------------------------------+ | high | Private keys stored in image | +----------+------------------------------------------------------------------------+
Expected behavior
Expecting the image to have no CVSS suspecting any security concerns
Your Environment
- Tag of using fluentd-kubernetes-daemonset:
v1.16.3-debian-opensearch-2.1
Your Configuration
Ubuntu
Your Error Log
total - 18, critical - 0, high - 1, medium - 1, low - 16
Vulnerability threshold check results: PASS
Compliance Issues
+----------+------------------------------------------------------------------------+
| SEVERITY | DESCRIPTION |
+----------+------------------------------------------------------------------------+
| high | (CIS_Docker_v1.5.0 - 4.1) Image should be created with a non-root user |
+----------+------------------------------------------------------------------------+
| high | Private keys stored in image |
+----------+------------------------------------------------------------------------+
Additional context
No response