Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-3995

Vulnerabilities in components packaged in zookeeper docker

Add voteVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Minor
    • Resolution: Unresolved
    • 3.6.2
    • None
    • build, other
    • None

    Description

      On running the Aquasec Trivy Vulnerability scanner on the latest version on zookeeper docker (3.6.2) 124 vulnerabilities were identified with the following severities LOW: 88, MEDIUM: 13, HIGH: 23

      These issues were across various libraries packaged along with zookeeper in the docker image.

       

      Attaching the list of vulnerabilities.

       

      Expected: The libraries packaged need to be up to date with no known vulnerabilities.

       

      Attachments

        1. Zookeeper 3.6.2.txt
          64 kB
          Sri Darshan Sreedharan

        Issue Links

        relates to

        Bug - A problem which impairs or prevents the functions of the product. ZOOKEEPER-4484 Critical Security Vulnerabilities in Apache Zookeper image

        • Critical - Crashes, loss of data, severe memory leak.
        • Resolved

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            Unassigned Unassigned
            sridarshans Sri Darshan Sreedharan
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:

              Slack

                Issue deployment