The AWS ECR image scanning reports some HIGH vulnerabilities on apache/flink:1.13.1-scala_2.12 docker image. In addition, all versions prior to this one have these issues.
The vulnerabilities are the following:
Our security policy do not allow us to deploy images having security vulnerabilities. Searching through the Internet I found that for the first problem, a patch containing the solution will be release this year.
Do you plan to release a new image containing the newer glibc version in order to solve those issues?
Also, I checked and the alpine based flink images do not have these vulnerabilities. Do you plan to release newer versions of flink based on alpine (latest one is flink:1.8.x)?