There are several vulnerabilities, some almost 5 years old, that are still present in the latest Splunk Kubernetes image version. Do we have an ETA on when will these get resolved?
Here is the list
Hi @isoutamo and others,
There is some additional information about the vulnerabilities posted above. We are utilizing docker splunk for our docker http event collector, so that we can send logs from our Kubernetes clusters to splunk Within that docker image, we are pulling in [1] 8.2.5 or [2] 9.0.5. We use twistlock to report vulnerabilities from our image and all of those vulnerabilities are being pulled from the docker splunk image tags mentioned below.
We were wondering is there a process for Splunk to fix those vulnerabilities that were mentioned? If there is a process, can you take us through how that process works?
Thanks and we look forward to talking with you.
[1] https://github.com/splunk/docker-splunk/tree/8.2.5
[2] https://github.com/splunk/docker-splunk/tree/9.0.5