250+ CVEs In Red Hat Linux Splunk Docker Image #616
Comments
|
Critical: 20 Total: 281 |
|
jyst fyi: splunk support case: 3276273 with results from ORCA ps. fixing base image may also fix problem with journald, which was also reported in 3270730 |
|
We have started daily scanning for these images internally on the latest/upcoming splunk versions, and we are focusing on efforts to resolve all critical/high level vulnerabilities. Unfortunately, most of these are coming from the Splunk product itself and not from the docker image layers that we build. We have resolved all critical and most high level vulnerabilities that are not coming from the Splunk build for the upcoming release. |
|
@jmeixensperger thanks for looking into it. |
|
@Subrhamanya can you attach last scan results for "fresh" versions? |
|
@yaroslav-nakonechnikov here is the screenshot. Version scanned --> 9.3.1
Critical - 1 |
Recently splunk official image scanned with one of our scanners (Prisma Cloud) and it's showing 250+ CVEs in it.
We are using splunk docker from https://hub.docker.com/r/splunk/splunk/tags?page=1
Is this image legitimate and offcial?
Can anybody help with it? So many CVEs in one image is confusing us...
The text was updated successfully, but these errors were encountered: