You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently the container image is based on openjdk:8-jre-alpine. The latest release of ma1uta/ma1sd contains ~65 vulnerabilities (all fixable):
I tried to add a RUN apk upgrade --update-cache --available to your Dockerfile, which brought down the amount of vulnerabilities to 42 (all fixable):
Examining these vulnerabilities shows that they are all caused by a (severely) outdated openjdk version:
I wondered why these fixes were not included in your base image and quickly found this post: docker-library/openjdk#272
As you can see, openJDK 8 is not a good candidate to base your image on anymore.
I found an alternative base image adoptopenjdk/openjdk11:alpine, and when I use that (including RUN apk upgrade --update-cache --available) I get no vulnerabilities anymore:
(I have not actually run the image yet, so don't actually know if it's fully compatible)
The text was updated successfully, but these errors were encountered:
Currently the container image is based on
openjdk:8-jre-alpine. The latest release ofma1uta/ma1sdcontains ~65 vulnerabilities (all fixable):I tried to add a
RUN apk upgrade --update-cache --availableto your Dockerfile, which brought down the amount of vulnerabilities to 42 (all fixable):Examining these vulnerabilities shows that they are all caused by a (severely) outdated openjdk version:
I wondered why these fixes were not included in your base image and quickly found this post:
docker-library/openjdk#272
As you can see, openJDK 8 is not a good candidate to base your image on anymore.
I found an alternative base image
adoptopenjdk/openjdk11:alpine, and when I use that (includingRUN apk upgrade --update-cache --available) I get no vulnerabilities anymore:(I have not actually run the image yet, so don't actually know if it's fully compatible)
The text was updated successfully, but these errors were encountered: