I am using the 2.18.3-python3.12 docker base image and am running a vulnerability scan against the image. It looks like there are a number of vulnerabilities in the linux distro coming from the debian-linux base image that's used by the prefect image. e.g.:
CVE-2023-52760 in v6.1.85, fixed in 6.1.99
Is this a known issue / is there an expectation that these will be resolved? In the past I forked the prefect repo and created a custom image based on the alpine linux base image but that is a) a hassle and b) has proven problematic when trying to keep prefect up to date
Jef King
07/18/2024, 6:37 PM
What kind of vulnerabilities are you trying to protect from?
We keep prefect workers in an isolated network. I feel confident that infrastructure is reducing a lot of risk in any vulnerability that the linux kernel may contain.
Brian Oldak
07/18/2024, 6:41 PM
we're hosting prefect workers in our GCP VPC and GCP has its own vulnerability detection system. I'm mostly trying to ensure that a) this infrastructure is protecting against those vulnerabilities or if not b) we're able to resolve them
Brian Oldak
07/18/2024, 6:41 PM
the vulnerabilities are a security compliance question for us