Before you file an issue here, please keep in mind that your issue may be not related to the image itself. Please make sure that it is, otherwise report the issue upstream.
Expected behavior
No High or critical CVEs with twistlock scan
Actual behavior
We see 5 critical and 13 high vulnerabilities with twistlock scan.
Attaching the CVEs for reference.
package vulnerabilities. Kindly see
zookeeper-3-6-3 (2) (1).csv
attachment with the actual issues.
libgcc1,gcc-8-base,libstdc++6 gcc-8
io.netty_netty-codec
log4j_log4j
go
Closing this because most of the issues should be fixed in the newest 3.6.4 tag. 3.6.3 is no longer maintained because it was based on completely deprecatedopenjdk image.
Before you file an issue here, please keep in mind that your issue may be not related to the image itself. Please make sure that it is, otherwise report the issue upstream.
Expected behavior
No High or critical CVEs with twistlock scan
Actual behavior
We see 5 critical and 13 high vulnerabilities with twistlock scan.
Steps to reproduce the behavior
Local twistlock scanning of image https://github.com/31z4/zookeeper-docker/tree/master/3.6.3
System configuration
Attaching the CVEs for reference. package vulnerabilities. Kindly see zookeeper-3-6-3 (2) (1).csv attachment with the actual issues. libgcc1,gcc-8-base,libstdc++6 gcc-8 io.netty_netty-codec log4j_log4j go