workspaces-core-images icon indicating copy to clipboard operation
workspaces-core-images copied to clipboard
verified publisher icon kasmtech

Core Image Vulnerabilities

Open jrparks opened this issue 7 months ago • 0 comments

VSCode started complaining about the KASM images after I was upgrading and updating custom builds using the kasm core images indicating there are numerous security vulnerabilities. The image contains 3 high vulnerabilities, but many more lower priority vulnerabilities.

I ran a separate scan on kasmweb/core-ubuntu-noble:1.17.0-rolling-daily and it found numerous issues. I went back and also scanned kasmweb/core-ubuntu-noble:1.16.1-rolling-daily and it also had similar vulnerabilities.

  • trivy image kasmweb/core-ubuntu-noble:1.17.0-rolling-daily
  • trivy image kasmweb/core-ubuntu-noble:1.16.1-rolling-daily

Would someone look at these and resolve the high and med priority vulnerabilities since those core images are used for a lot of different builds?

Thank you Jason

jrparks avatar Apr 30 '25 20:04 jrparks