[
https://issues.apache.org/jira/browse/SOLR-17755?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18018686#comment-18018686
]
Alexander Veit edited comment on SOLR-17755 at 9/7/25 8:48 PM:
---------------------------------------------------------------
OK, to make the whole thing more manageable I've created and/or linked separate
tickets for issues reported for Solr 9.9.0.
If the gosu issues will be solved in 10.x this ticket could possibly be closed
or deleted.
https://hub.docker.com/layers/library/solr/9.9.0/images/sha256-ac2fceddb02682a90a18224110344d632744eec72ccf441479f873c5f0a2b652
was (Author: veita):
OK, to make the whole thing more manageable I've created and/or linked separate
tickets for issues reported for Solr 9.9.0.
If the gosu issues will be solved in 10.x this ticket could possibly be closed
or deleted.
> Official Docker Images with a horrible number of security vulnerabilities
> -------------------------------------------------------------------------
>
> Key: SOLR-17755
> URL: https://issues.apache.org/jira/browse/SOLR-17755
> Project: Solr
> Issue Type: Bug
> Components: Docker
> Affects Versions: 9.8.1
> Reporter: Alexander Veit
> Priority: Major
> Fix For: main (10.0)
>
> Attachments: image-2025-05-07-19-43-18-313.png
>
>
> The official Solr container image adds 73 security vulnerabilities, four of
> them with critical, and 37 of them with high severity, to the base image.
> These vulnerabilities show up not only on DockerHub but also in corporate
> security scans. According to Docker Scout these vulnerabilities could be
> fixed, so they probably should be fixed.
> !image-2025-05-07-19-43-18-313.png!
> https://hub.docker.com/layers/library/solr/9.8.1/images/sha256-2b79aecf860291dc257460e934e275af9bb79fda1991a2c6072535d18a63f07a
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
