...
| Code Block | ||
|---|---|---|
| ||
baseimages/azul/zulu-openjdk:alpine-11 baseimages/azul/zulu-openjdk:alpine-17xx |
Used by
Systematic
Distroless java
...
| Code Block | ||
|---|---|---|
| ||
baseimages/nginxinc/nginx-unprivileged:1x.26xx-alpine-slim |
Used by
Trifork and Telma
...
| Code Block | ||
|---|---|---|
| ||
baseimages/keycloak:25.0 |
Used by
Trifork
Node
| Code Block | ||
|---|---|---|
| ||
baseimages/node:20XX-alpine |
Used by
Systematic
Cosign
| Code Block | ||
|---|---|---|
| ||
baseimages/cosign:2.2.4-dev |
Used by
Trifork
Kubectl
| Code Block | ||
|---|---|---|
| ||
baseimages/kubectl:1.30 |
Used by
Trifork
Alpine
| Code Block | ||
|---|---|---|
| ||
baseimages/alpine:3.17 |
Used by
Systematic
Security
...
Both Operating System packages and application libraries are scanned.
If Trivy misses anything, Snyk is scanning inttest and production.
Mitigation
If a critical security issue is found in the docker image the supplier will be notified and needs to take swift action (within 3 hours) to mitigate the issue.
...