The underlying security issue has been fixed by PR #720 on 2019-04-02. But it seems that the image registered as confluentinc/cp-zookeeper at dockerhub has not been re-generated after that fix.
Indeed all the images in dockerhub have an io.confluent.docker.git.id of 320c29d which is a commit from 18 Feb 2019. Which is before PR #720 which was merged 2 Apr 2019.
The underlying security issue has been fixed by PR #720 on 2019-04-02. But it seems that the image registered as
confluentinc/cp-zookeeper
at dockerhub has not been re-generated after that fix.docker exec <container_id> apt-key list
includesSo the image must have been created before PR #720 was merged.
This is probably harmless by itself. But raises eyebrows. It certainly raised mine.
Background information for why one needs to be careful when importing keys, can be found at: https://seclists.org/oss-sec/2018/q3/174
Please consider re-generating all the images.