Discussion on Critical Security Vulnerabilities in the datahub-gms Docker Image

Original Slack Thread

Hi Team,
Looking at the following datahub-gms docker image released three days ago:
https://hub.docker.com/layers/linkedin/datahub-gms/065a290/images/sha256-21e522d1168912ec1795307b6f6897d6110b2d169656adb849e2ec184f44ea73?context=explore|https://hub.docker.com/layers/linkedin/datahub-gms/065a290/images/sha256-21e522d1168[…]5307b6f6897d6110b2d169656adb849e2ec184f44ea73?context=explore

We are seeing many Critical Security Vulnerabilities. Please see attached file.
Our strict Security Compliance has blocked us from using these images.
From our side, we will try to mitigate these issues, and of course, if we find a viable solution we will contribute back to the community.

My question, is any work scheduled from your side to remedy these vulnerabilities?attachment

HI - thank you so much for the report. I’ll forward this to our team & get back to you :slight_smile: