pravega / zookeeper-operator

Kubernetes Operator for Zookeeper
Apache License 2.0

Critical security vulnerability issues on docker image (log4js) #429

Closed cheynove closed 2 years ago

cheynove commented 2 years ago

Description

Multiple security vulnerabilities were detected by a Prisma Cloud docker image scan, with the highest ones being at a critical level, related to log4js.

Security issues identified (listing only the critical ones; the full report can be seen in the attachment):

CVE-2022-23307 (critical) - log4j_log4j
CVE-2021-38297 (critical) - go
CVE-2019-17571 (critical) - log4j_log4j

Importance

Log4js has been identified with a major vulnerability issue, and it requires urgent attention to keep systems using it safe.

Location

Docker Image version used: pravega/zookeeper:0.2.13

Suggestions for an improvement

No suggestions personally, as I am not familiar with how these issues can be fixed.

Attachment: security-vulnerabilities.txt
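A scanner report like the one above names the package (log4j:log4j) but not where it lives in the image or whether the vulnerable code is actually present. The script below is an added example for confirming such a finding; it is not code from pravega/zookeeper-operator or from the reporter. It assumes the image filesystem has already been exported to a directory (for example `docker create --name zk pravega/zookeeper:0.2.13 && docker export zk | tar -x -C ./zk-rootfs`), walks that tree for JARs, reads Maven coordinates from `META-INF/maven/**/pom.properties`, and checks for the classes behind the two log4j CVEs: `org.apache.log4j.net.SocketServer` (CVE-2019-17571) and the bundled Chainsaw package `org.apache.log4j.chainsaw` (CVE-2022-23307; using the whole package as the marker is this example's assumption). Checking classes rather than file names also catches a shaded JAR that embeds log4j 1.x without any version string. The sample rootfs created by `build_sample_image()` and every path and artifact in it are constructed for illustration.

```python
"""Confirm a scanner's Log4j 1.x findings against an exported image filesystem.

Added example, not part of pravega/zookeeper-operator. Run with the path of
an exported rootfs, or with no arguments to scan a constructed sample.
"""
import tempfile
import zipfile
from pathlib import Path
from typing import Dict, List, Optional

# Class paths whose presence indicates the code paths behind the CVEs in the
# report. Both ship in log4j 1.2.x up to and including 1.2.17.
#   CVE-2019-17571: untrusted deserialization in org.apache.log4j.net.SocketServer
#   CVE-2022-23307: untrusted deserialization in the Chainsaw component bundled
#                   under org.apache.log4j.chainsaw (package prefix used as marker;
#                   this is an assumption of the example)
CVE_MARKERS = {
    "CVE-2019-17571": ("org/apache/log4j/net/SocketServer.class",),
    "CVE-2022-23307": ("org/apache/log4j/chainsaw/",),
}


def parse_pom_properties(text: str) -> Dict[str, str]:
    """Parse Maven's pom.properties: key=value lines, '#' comments, blanks ignored."""
    props: Dict[str, str] = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = value.strip()
    return props


def _matches(entry: str, marker: str) -> bool:
    # A marker ending in '/' is a package prefix; otherwise it is an exact class path.
    return entry.startswith(marker) if marker.endswith("/") else entry == marker


def scan_jar(jar_path: Path) -> Optional[Dict[str, object]]:
    """Return a finding for one JAR, or None if it carries no marker class."""
    try:
        with zipfile.ZipFile(jar_path) as zf:
            names = zf.namelist()
            coords: Dict[str, str] = {}
            for name in names:
                if name.startswith("META-INF/maven/") and name.endswith("/pom.properties"):
                    coords = parse_pom_properties(zf.read(name).decode("utf-8", "replace"))
                    break
    except zipfile.BadZipFile:
        return None  # not a real JAR (or truncated); nothing to report
    cves = sorted(
        cve for cve, markers in CVE_MARKERS.items()
        if any(_matches(n, m) for n in names for m in markers)
    )
    if not cves:
        return None
    # '?' marks coordinates we could not recover, e.g. a shaded/uber JAR.
    artifact = ":".join(coords.get(k, "?") for k in ("groupId", "artifactId", "version"))
    return {"path": str(jar_path), "artifact": artifact, "cves": cves}


def scan_tree(root: Path) -> List[Dict[str, object]]:
    """Walk an exported image filesystem and collect findings for every *.jar."""
    return [f for f in (scan_jar(p) for p in sorted(root.rglob("*.jar"))) if f]


def _write_jar(path: Path, entries: Dict[str, bytes]) -> None:
    path.parent.mkdir(parents=True, exist_ok=True)
    with zipfile.ZipFile(path, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)


def build_sample_image(root: Path) -> None:
    """Constructed sample rootfs (empty .class entries stand in for bytecode):
    a log4j 1.2.17 JAR (affected), a log4j-core 2.x JAR (no marker classes),
    and a shaded application JAR that embeds SocketServer with no coordinates."""
    lib = root / "usr" / "share" / "zookeeper" / "lib"
    _write_jar(lib / "log4j-1.2.17.jar", {
        "META-INF/maven/log4j/log4j/pom.properties":
            b"#Generated by Maven\ngroupId=log4j\nartifactId=log4j\nversion=1.2.17\n",
        "org/apache/log4j/net/SocketServer.class": b"",
        "org/apache/log4j/chainsaw/LoggingReceiver.class": b"",
    })
    _write_jar(lib / "log4j-core-2.17.1.jar", {
        "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties":
            b"groupId=org.apache.logging.log4j\nartifactId=log4j-core\nversion=2.17.1\n",
        "org/apache/logging/log4j/core/Logger.class": b"",
    })
    _write_jar(root / "opt" / "app" / "app-shaded.jar", {
        "org/apache/log4j/net/SocketServer.class": b"",
        "com/example/Main.class": b"",
    })


def demo_scan() -> List[Dict[str, object]]:
    """Build the constructed sample in a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        build_sample_image(root)
        return scan_tree(root)


if __name__ == "__main__":
    import sys
    results = scan_tree(Path(sys.argv[1])) if len(sys.argv) > 1 else demo_scan()
    for f in results:
        print(f"{f['path']}: {f['artifact']} -> {', '.join(f['cves'])}")
```

Two findings come back for the sample: the log4j 1.2.17 JAR with both CVEs, and the shaded JAR with CVE-2019-17571 and unknown coordinates; the log4j 2.x JAR is not reported because it contains neither marker. The third item in the report, CVE-2021-38297, is a Go toolchain issue rather than a JAR, so for that one inspect the Go binaries in the image with `go version -m <binary>`, which prints the Go version they were built with.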

anishakj commented 2 years ago

Fixed by PR https://github.com/pravega/zookeeper-operator/pull/434