Security vulnerabilities in docker images

Open petrovicboban opened this issue 3 years ago • 2 comments

Is there any plan to work on fixing security vulnerabilities in published docker images? My organization is using XRay, which blocks images with high severity vulnerabilities, and this greatly reduces adoption of this project among companies.

petrovicboban avatar Feb 10 '22 22:02 petrovicboban

Here are some examples of security vulnerabilities reported by XRay, for v0.143.0, alpine image.

petrovicboban avatar Feb 14 '22 16:02 petrovicboban

It seems that those vulnerabilities are not introduced by helmfile itself, but by helm plugins. I'm experimenting to find out what can be done.

petrovicboban avatar Feb 14 '22 16:02 petrovicboban