search

Azure / azure-functions-docker

This repo contains the base Docker images for working with azure functions
MIT License
268 stars 118 forks source link

mcr.microsoft.com/azure-functions/python:4-python3.10-slim vulnerably #943

Open georgesterian opened 1 year ago

georgesterian commented 1 year ago

Hi, We are using the following Azure Function Python docker image for our application on AKS: mcr.microsoft.com/azure-functions/python:4-python3.10-slim.

This is the latest image that I can find on docker: https://hub.docker.com/_/microsoft-azure-functions-python. However, we noticed that the image contains a lot of vulnerability when we performed a vulnerability scan using Trivy.

Do you know if this is a known issue, and do you know if Microsoft will be providing a more up to date docker image for Azure Function Python soon?

sudharsan2020 commented 1 year ago

@georgesterian Also we could observe sonar vulnerabilities in the default docker image generated. Wondering if the Microsoft team will address the issue?

https://rules.sonarsource.com/docker/RSPEC-6470/ https://rules.sonarsource.com/docker/RSPEC-6471/

slbin commented 5 months ago

same in our case, any further advice?