Docker Community Forums

Share and learn in the Docker community.

When do we expect fix on medium vulnerabilities on ubuntu base image


Hi Team,

We are using quay for vulnerability scanning for our docker images. Initially, we were using debian:stretch as our base image which had more than 400 vulnerabilities including medium and low. Now we have switched to ubuntu as our base image and still, we are able to see medium vulnerabilities in it. So we need to know when can we expect these to be fixed. PFB the packages which are vulnerable:

  1. binutils
  2. tiff
  3. libwebp
  4. apparmor
  5. libpng1.6
  6. krb5

Please do reply.