Vulnerability remediation under /var/lib/docker/overlay2/

Hi Team,

Please help me understand if there is a way to remove a particular file from /var/lib/docker/overlay2/…
I understand as per recommendation it is not allowed, but we have a below scenario.

  • We have a security scan which is run across the Linux server
  • Few vulnerabilities were found under /var/lib/docker/overlay2/…
  • Though we tried to fix the vulnerability (upgraded jdk to a new version)
  • We still see the old jdk is present inside these image directories.
  • I even tried removing the old image, still new images has the old jdk software in one of its layer.

Could someone help me explain if there is any workaround for this issue.

Docker version 1.13.1, build 8633870/1.13.1

Thanks,
Ajesh

Hi ajesharavindan

Same requirement comes to me. did you find any workaround this issue.
If yes, Please share the process to fix the java vulnerability?

Thanks.