Hi Team,

We are using IBM App Connect Pro in the containerized form in AWS FARGATE. The Dockerfile uses Centos:7 as a base OS image and with the latest centos;7 image we see few vulnerabilities. Could you please guide me how should we remediate these as we have pulled the latest Centos:7 image (docker pull centos:7) and also added yum update in the Dockerfile instructions. The vulnerabilities have reduced but could still see some (pdf screenshot in below links). Any help would be appreciated.

Thanks in advance.

Just out of curriousity: If the latest packages from the centos repositories still have those vulnerabilities, how would you fix those vulnerabilites with a bare metal or vm installation?

ideally it should be reported to centos and request them to release patch for it. Upgrading to Major version is also a choice but it does show these vulnerabilities against centos8 also.