Hello, We are evaluating prefect core to replace ...
# ask-community
n
Hello, We are evaluating prefect core to replace our workflow management. As part of security protocol all container images are scanned which included all the 5 docker containers of prefect core (server, Apollo, ui, Hasura/graphql & Postgres:11). All of these containers seem to have vulnerabilities and most of them are medium to low. However, the ones which are critical & high needs to be resolved before we can use them for prod, based on our observation these packages are system libs (like linux kernel, shadow, glibc etc. something which prefect doesn’t directly use). Is it possible to update the base image to say Ubuntu 20.4 (in our tests between Debian and ubuntu, the latter seems to have just about 16 [1 medium rest all low vulnerabilities])? or any other recommended approach we could follow to over come this issue is greatly appreciated. 🙂 PS - Scans have been made using GCP’s vulnerability scan service in GCR
z
Hi @Nikhil Akki -- opening an issue in the Server repo (https://github.com/PrefectHQ/server) with the vulnerabilities would be helpful! A lot of the containers are based off official images so we don't have direct control over the base image but we can look into upgrading