I have tried all these Jenkins docker images and scanned them from security vulnerabilities, but unfortunately they all have lots of vulnerabilities even the alpine tag # FROM jenkins/jenkins:lts-alpine-jdk17 # FROM jenkins/jenkins:lts-alpine FROM jenkins/jenkins:alpine # FROM jenkins/jenkins:2.332…

Is there a Jenkins Docker image without security vulnerabilities?

ohbei May 11, 2023, 12:30am 6

Thanks for the detailed response.

To confirm, is the only way to validate that a vulnerability (e.g., in snakeyaml) does not affect Jenkins is to check that there is no advisory for it?

Jenkins Docker Images - Vulnerabilities being Flagged by AWS ECR Scanner

Topic		Replies	Views
Jenkins Docker Images - Vulnerabilities being Flagged by AWS ECR Scanner Using Jenkins sig-security	1	250	May 16, 2024
Docker Image jnlp-agent-python3 Ask a question git , docker , python	2	1888	June 23, 2023
2.440.3 Jenkins using an inbound-agent container image that is being flagged by container scans Ask a question question	2	232	May 14, 2024
Platform SIG August 28, 2024 Community java , docker , platform , sig-platform	0	7	August 28, 2024
Azure Scanning for Jenkins pipeline Using Jenkins	1	472	June 8, 2023

Is there a Jenkins Docker image without security vulnerabilities?

Related Topics