Open ashishpatil09 opened 3 years ago
I am facing the same issue. When I do a vulnerability scan on the image I get the same flags. It would be a case of updating dependent packages to a newer version @wurstmeister
This image directly builds from Kafka binaries. Security issues should be fixed there first
Would that be applicable if the vulnerabilities noted are mostly due to the openjdk and glibc versions being used as part of 2.13-2.7.0?
Those would be applicable to the base Docker image used by this repo, not exactly Kafka itself.
Hi Team
I wanted to use the 2.6.0 docker image for Kafka but It has lots of security vulnerabilities. Please find the below list of security vulnerabilities CVE-2021-36159 CVE-2020-25649 CVE-2021-22926 CVE-2021-22922 CVE-2021-22924 CVE-2021-22922 CVE-2021-22924 CVE-2021-31535 CVE-2019-17571
Do we have any plan to fix this in the coming version or any suggestions around this? @wurstmeister
Thanks Ashish