You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -95,7 +95,8 @@ Your vulnerability management process for container images:
#### Upstream base image vulnerabilities
It is a known issue that some common base images have vulnerabilities that can only be fixed by the upstream maintainers.
It is *not* considered an appropriate exception to not patch vulnerabilities in container images because of upstream problems.
??? warning "It is not considered an appropriate exception to not patch vulnerabilities in container images because of upstream problems."
Please work with CISD and your architects to ensure secure base images are used, either by finding appropriate secure base images, by building your own images or other means such as muiti-stage docker builds
To ensure that vulnerabilities in container images are patched within appropriate timescales teams must either:
