CVEs in openjdk:8-jre-slim #185

subsahu123 · 2018-04-12T12:29:39Z

Hi,
We are trying to use solr:7.2-slim image for our project and upon running clair-scanner we found the below High and Medium CVEs against the base openjdk:8-jre-slim image. Any idea if these have already been mitigated or there are updates packages we need to pull.

Regards
Subhankar

High CVE-2017-16997
High CVE-2017-1000408
High CVE-2018-6485
High CVE-2017-14062
High CVE-2018-6551
High CVE-2017-8804
High CVE-2016-2779
High CVE-2017-12424
High CVE-2018-1000001
High CVE-2017-15400
High CVE-2018-6954
Medium CVE-2018-1049
Medium CVE-2018-5729
Medium CVE-2018-7169
Medium CVE-2017-12132
Medium CVE-2017-3738
Medium CVE-2018-5730
Medium CVE-2011-3389
Medium CVE-2018-8740
Medium CVE-2018-5710
Medium CVE-2018-5709
Medium CVE-2016-10228
Medium CVE-2017-1000409
Medium CVE-2018-1000035

#docker-solr/docker-solr#171

tianon · 2018-04-12T19:00:27Z

Since we're based on Debian in the tag you've referenced (and even getting OpenJDK from Debian's package), the appropriate place to get more information about whether these issues are meaningful or will receive a fix would be the following URLs: (which Clair should've also provided for you)

See also #161, #112, docker-library/postgres#286, docker-library/drupal#84, docker-library/official-images#2740, docker-library/ruby#117, docker-library/ruby#94, docker-library/python#152, docker-library/php#242, docker-library/buildpack-deps#46.

tianon closed this as completed Apr 12, 2018

tianon mentioned this issue Apr 20, 2018

Multiple Vulnerabilities in php 7.0.x docker-library/owncloud#90

Closed

tianon mentioned this issue May 7, 2018

Update Base Images? docker-library/official-images#4315

Closed

wglambert mentioned this issue May 22, 2018

Image tags have known vulnerabilities docker-library/golang#222

Closed

wglambert mentioned this issue Jul 9, 2018

vulnerability in 8-jdk-alpine image #213

Closed

wglambert mentioned this issue Jul 19, 2018

Scan results mismatch docker-library/mysql#455

Closed

This was referenced Oct 24, 2018

Security vulnerabilities Tomcat 8.5.34-jre8-slim docker-library/tomcat#136

Closed

Security vulnerabilities 9.5.14 docker-library/postgres#514

Closed

wglambert mentioned this issue Nov 30, 2018

Security issues in official ruby 2.3.1 image - Quay Scan docker-library/ruby#248

Closed

wglambert mentioned this issue Feb 8, 2019

Vulnerabilities reported by hub.docker.com docker-library/mysql#538

Closed

wglambert mentioned this issue May 21, 2019

openjdk:8u212-jdk-alpine3.9 Docker image has high security vulnerability #321

Closed

wglambert mentioned this issue Jul 16, 2019

[Question] procps runtime dependency docker-library/ruby#291

Closed

wglambert mentioned this issue Aug 12, 2019

musl vulnerability in alpine docker-library/docker#186

Closed

wglambert mentioned this issue Aug 23, 2019

Security vulnerabilities with version 8-jre-slim #349

Closed

wglambert mentioned this issue Oct 23, 2019

Vulnerabilities in Docker images 3.0 and 3.11 docker-library/cassandra#194

Closed

wglambert mentioned this issue Dec 17, 2019

request contact with devs docker-library/postgres#655

Closed

wglambert mentioned this issue Jan 13, 2020

vulnaribilities detected by aqua #385

Closed

wglambert mentioned this issue Jan 22, 2020

Updates debian version docker-library/python#449

Closed

wglambert mentioned this issue Feb 3, 2020

Security Contact #388

Closed

wglambert mentioned this issue Feb 27, 2020

ECR image scanning criticals for latest image docker-library/wordpress#472

Closed

wglambert mentioned this issue Mar 19, 2020

CVE’s in base Postgres image docker-library/postgres#701

Closed

wglambert mentioned this issue Apr 8, 2020

Image fails security scan docker-library/rabbitmq#401

Closed

This was referenced Apr 21, 2020

3.7.7-alpine-3.11 sqlite vulnerabilities docker-library/python#471

Closed

Multiple CVEs docker-library/ruby#316

Closed

wglambert mentioned this issue Apr 30, 2020

CVE vulnerabilities of latest docker docker-library/rabbitmq#407

Closed

This was referenced Jun 17, 2020

Python:3.7 with CVE-2019-10131 docker-library/python#499

Closed

openjdk:11-jre with perl 5.28 has libpcre security vulnerability issues #420

Closed

This was referenced Jul 1, 2020

Patch avaiable for CVE-2020-12464 in debian releases docker-library/php#1031

Closed

The versions of Python 2 in the build pack-deps:buster-scm include a vulnerability (CVE-2020-8492) docker-library/buildpack-deps#109

Closed

wglambert mentioned this issue May 11, 2021

Current Alpine image contains 2 high severity CVEs docker-library/memcached#66

Closed

This was referenced Jun 3, 2021

vulnerabilities in openjdk 8jdk #457

Closed

CVE-2020-8130 docker-library/ruby#347

Closed

wglambert mentioned this issue Jun 22, 2021

Security vulnerabilities docker-library/docs#1979

Closed

This was referenced Jul 28, 2021

Vulnerabilities on base image 5.6 docker-library/mysql#780

Closed

cwe-444 docker-library/redmine#247

Closed

wglambert mentioned this issue Sep 10, 2021

Security vulnerabilities with Aquasec docker-library/elasticsearch#198

Closed

wglambert mentioned this issue Sep 17, 2021

openjdk:latest image scan finds ELSA-2021-9344 on AWS #467

Closed

wglambert mentioned this issue Nov 8, 2021

Vulnerabilities Issue Within 7.4-fpm-alpine Image docker-library/php#1219

Closed

wglambert mentioned this issue Dec 27, 2021

I have completed all official images docker scan, how can I contribute my scan results? docker-library/official-images#11577

Closed

wglambert mentioned this issue Jan 19, 2022

GO vulnerabilities found in Cassandra 4.0.1 image docker-library/cassandra#241

Closed

wglambert mentioned this issue Jan 28, 2022

python:3.8-buster base images shows a lot of issues when scanned by ECR docker-library/python#688

Closed

This was referenced Feb 25, 2022

Docker Image Contains Multiple CVEs docker-library/mongo#523

Closed

RabbitMQ image 3.9.13-management vulnerabilities docker-library/rabbitmq#546

Closed

This was referenced Mar 16, 2022

How to handle Critical Security Issues of Base Images docker-library/docs#2122

Closed

CVEs during security scan docker-library/php#1273

Closed

wglambert mentioned this issue Jun 21, 2022

The base linux image being used has a package with vulnerability CVE-2022-29162 docker-library/mysql#869

Closed

wglambert mentioned this issue Jul 22, 2022

The redis:7.0.4-alpine image has a High saverity vulnerabilities. redis/docker-library-redis#324

Closed

wglambert mentioned this issue Aug 19, 2022

python:slim-bullseye – Is affected by CVE-2005-2541 docker-library/python#751

Closed

wglambert mentioned this issue Sep 12, 2022

Image vulnerability in postgres:latest docker-library/postgres#995

Closed

wglambert mentioned this issue Sep 19, 2022

Security vulnerability with redis:7.0.4-alpine3.16 redis/docker-library-redis#328

Closed

wglambert mentioned this issue Feb 28, 2023

Linux kernel vulenrability docker-library/php#1379

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVEs in openjdk:8-jre-slim #185

CVEs in openjdk:8-jre-slim #185

subsahu123 commented Apr 12, 2018

tianon commented Apr 12, 2018

CVEs in openjdk:8-jre-slim #185

CVEs in openjdk:8-jre-slim #185

Comments

subsahu123 commented Apr 12, 2018

tianon commented Apr 12, 2018