My general feeling on this is that there is a spectrum from “most safe” to “least safe”. On the “most safe” side of the spectrum are things like official images (java, etc.) which are provided either by Docker, Inc. or by the 3rd parties themselves and are meticulously scanned and evaluated, in addition to being frequently used (and consequently, “battle hardened”). Then there are images that reputable organizations such as Rancher publish to make their own tools more available, which are not “official” Docker library images but are still very high quality.
At the other end of the spectrum are “unsafe” images put together and pushed to the Hub by essentially random users. I’d highly suggest against using any of these as they are of wildly varying quality and in the worst case might even contain malicious code.
At the end of the day, it’s a judgment call for your organization; my suggestion would be to maintain an image “whitelist” of base images that your organization approves. The official images are frequently updated with the latest security patches etc., so using those would save you the pain of “forking” them internally and trying to keep everything up to date as far as security and patch updates go.
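One way to enforce the base-image “whitelist” suggested above is a small check that runs in CI over each Dockerfile. The script below is an added example, not code from the forum post or from Docker: it parses every `FROM` line, normalises the image reference (registry, namespace, repository, tag, digest), and allows only Docker Hub official library images plus an approved set of publisher namespaces (`rancher` is used here only because the post mentions it). As an extra, clearly optional rule it also flags images pulled without a tag or digest. The `APPROVED_NAMESPACES` set and the sample Dockerfile are constructed for illustration.

```python
"""Check every FROM line in a Dockerfile against an approved base-image list.

Added example (not from the forum post). The allowlist, the sample
Dockerfile and the policy rules below are constructed for illustration.
"""
import re
from dataclasses import dataclass
from typing import List, Optional, Set

# Constructed policy: Docker Hub official library images plus a few approved
# publisher namespaces. Any other registry or namespace is rejected.
APPROVED_NAMESPACES: Set[str] = {"library", "rancher"}

# Matches: FROM [--platform=...] <image> [AS <stage>]
FROM_RE = re.compile(
    r"^\s*FROM\s+(?:--\S+\s+)*(?P<image>\S+)(?:\s+AS\s+(?P<stage>\S+))?\s*$",
    re.IGNORECASE,
)


@dataclass(frozen=True)
class ImageRef:
    registry: str
    namespace: str
    repo: str
    tag: str
    digest: Optional[str]


def parse_image_ref(ref: str) -> ImageRef:
    """Normalise an image reference the way Docker does for defaults.

    'nginx'                 -> docker.io / library / nginx : latest
    'rancher/rancher:v2'    -> docker.io / rancher  / rancher : v2
    'ghcr.io/org/tool@sha256:...' -> ghcr.io / org / tool : latest (+digest)
    """
    digest = None
    if "@" in ref:
        ref, digest = ref.split("@", 1)
    parts = ref.split("/")
    registry = "docker.io"
    # The first path component is a registry host if it contains '.' or ':'
    # (e.g. ghcr.io, localhost:5000) or is literally 'localhost'.
    if len(parts) > 1 and ("." in parts[0] or ":" in parts[0] or parts[0] == "localhost"):
        registry = parts.pop(0)
    name = "/".join(parts)
    tag = "latest"
    last = name.rsplit("/", 1)[-1]
    if ":" in last:  # tag is the part after the final ':' in the last component
        name, tag = name.rsplit(":", 1)
    if "/" in name:
        namespace, repo = name.split("/", 1)
    else:
        namespace, repo = "library", name  # bare name == official library image
    return ImageRef(registry, namespace, repo, tag, digest)


def check_dockerfile(text: str) -> List[str]:
    """Return one violation message per FROM line that breaks the policy."""
    violations: List[str] = []
    stages: Set[str] = set()
    for lineno, line in enumerate(text.splitlines(), 1):
        m = FROM_RE.match(line)
        if not m:
            continue
        image, stage = m.group("image"), m.group("stage")
        if image == "scratch" or image in stages:
            pass  # empty base image, or a reference to an earlier build stage
        else:
            ref = parse_image_ref(image)
            if ref.registry != "docker.io" or ref.namespace not in APPROVED_NAMESPACES:
                violations.append(f"line {lineno}: {image} is not an approved base image")
            elif ref.tag == "latest" and ref.digest is None:
                # Optional extra rule: require a tag or digest so builds are reproducible.
                violations.append(f"line {lineno}: {image} is unpinned (no tag or digest)")
        if stage:
            stages.add(stage)
    return violations


# Constructed sample Dockerfile mixing official, approved, and random-user images.
SAMPLE_DOCKERFILE = """\
FROM --platform=linux/amd64 openjdk:17-jdk AS build
COPY . /src
RUN ./gradlew build

FROM randomuser/java-runtime:latest
COPY --from=build /src/app.jar /app.jar

FROM rancher/rancher:v2.8.0
FROM docker.io/library/nginx:1.25
FROM ghcr.io/someone/tool
FROM scratch
FROM build
FROM python
"""

if __name__ == "__main__":
    for msg in check_dockerfile(SAMPLE_DOCKERFILE):
        print(msg)
```

Wire `check_dockerfile` into a pre-merge job that fails when the returned list is non-empty; keeping the allowlist as data rather than hard-coded `if` chains makes it easy for the organization to add or remove approved publishers as its judgment call changes.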