{"id":27515,"date":"2017-04-10T10:49:37","date_gmt":"2017-04-10T08:49:37","guid":{"rendered":"https:\/\/mamchenkov.net\/wordpress\/?p=27515"},"modified":"2017-04-10T10:49:37","modified_gmt":"2017-04-10T08:49:37","slug":"docker-image-vulnerability-research","status":"publish","type":"post","link":"https:\/\/mamchenkov.net\/wordpress\/2017\/04\/10\/docker-image-vulnerability-research\/","title":{"rendered":"Docker Image Vulnerability Research"},"content":{"rendered":"<!-- google_ad_section_start -->\n<p><a href=\"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2017\/04\/images_vulnerable_by_distribution.png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"27516\" data-permalink=\"https:\/\/mamchenkov.net\/wordpress\/2017\/04\/10\/docker-image-vulnerability-research\/images_vulnerable_by_distribution\/\" data-orig-file=\"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2017\/04\/images_vulnerable_by_distribution.png?fit=4000%2C2375&amp;ssl=1\" data-orig-size=\"4000,2375\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"images_vulnerable_by_distribution\" data-image-description=\"\" data-image-caption=\"\" data-large-file=\"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2017\/04\/images_vulnerable_by_distribution.png?fit=660%2C392&amp;ssl=1\" class=\"aligncenter size-medium wp-image-27516\" src=\"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2017\/04\/images_vulnerable_by_distribution-500x297.png?resize=500%2C297&#038;ssl=1\" alt=\"\" width=\"500\" height=\"297\" srcset=\"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2017\/04\/images_vulnerable_by_distribution.png?resize=500%2C297&amp;ssl=1 500w, https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2017\/04\/images_vulnerable_by_distribution.png?resize=768%2C456&amp;ssl=1 768w, https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2017\/04\/images_vulnerable_by_distribution.png?resize=1024%2C608&amp;ssl=1 1024w, https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2017\/04\/images_vulnerable_by_distribution.png?w=1320 1320w, https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2017\/04\/images_vulnerable_by_distribution.png?w=1980 1980w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><\/a><\/p>\n<p>Federacy has an interesting research in <a href=\"https:\/\/www.federacy.com\/docker_image_vulnerabilities\">Docker image vulnerabilities<\/a>. \u00a0The bottom line is:<\/p>\n<blockquote><p>24% of latest Docker images have significant vulnerabilities<\/p><\/blockquote>\n<p>This can and should be improved, especially given the whole hierarchical structure of Docker images. \u00a0It&#8217;s not like improving security of all those random GitHub repositories.<\/p>\n<!-- google_ad_section_end -->\n","protected":false},"excerpt":{"rendered":"<!-- google_ad_section_start -->\n<p>Federacy has an interesting research in Docker image vulnerabilities. \u00a0The bottom line is: 24% of latest Docker images have significant vulnerabilities This can and should be improved, especially given the whole hierarchical structure of Docker images. \u00a0It&#8217;s not like improving security of all those random GitHub repositories.<\/p>\n<!-- google_ad_section_end -->\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"Docker Image Vulnerability Research #security #Linux #Docker #containers #research","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"_links_to":"","_links_to_target":""},"categories":[1,6,133,62],"tags":[3421,3420,1117,200,3104],"keyring_services":[],"class_list":["post-27515","post","type-post","status-publish","format-standard","hentry","category-general","category-linux","category-sysadmin","category-technology","tag-containers","tag-docker","tag-research","tag-security","tag-virtualization"],"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":36740,"url":"https:\/\/mamchenkov.net\/wordpress\/2019\/03\/02\/learn-enough-docker-to-be-useful\/","url_meta":{"origin":27515,"position":0},"title":"Learn Enough Docker to be Useful","author":"Leonid Mamchenkov","date":"March 2, 2019","format":false,"excerpt":"\"Learn Enough Docker to be Useful\" is a series of articles (so far 6) that explains different parts of Docker in a very simple and straightforward way. Here are the parts so far: Docker conceptsDocker ecosystemDockerfileSlimming down Docker imagesDocker commandsDocker data","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2019\/03\/docker.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2019\/03\/docker.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2019\/03\/docker.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2019\/03\/docker.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":28375,"url":"https:\/\/mamchenkov.net\/wordpress\/2018\/02\/11\/slimming-down-docker-images\/","url_meta":{"origin":27515,"position":1},"title":"Slimming down Docker images","author":"Leonid Mamchenkov","date":"February 11, 2018","format":false,"excerpt":"It's been a while since I posted anything about Docker.\u00a0 That's mostly because I still don't really use it for anything - playing around locally, testing and learning doesn't count yet. But just to keep the ball rolling, here are a couple of handy links for the ideas on how\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":27527,"url":"https:\/\/mamchenkov.net\/wordpress\/2017\/04\/19\/bitbucket-pipelines-improved-support-for-docker\/","url_meta":{"origin":27515,"position":2},"title":"BitBucket Pipelines improved support for Docker","author":"Leonid Mamchenkov","date":"April 19, 2017","format":false,"excerpt":"Here are some exciting news from the BitBucket Pipelines blog:\u00a0Bitbucket Pipelines now supports building Docker images, and service containers for database testing. We developed Pipelines to enable teams to test and deploy software faster, using Docker containers to manage their build environment. Now we\u2019re adding advanced Docker support \u2013 building\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2017\/04\/service-containers-pipelines-500x262.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":34007,"url":"https:\/\/mamchenkov.net\/wordpress\/2019\/02\/14\/php-docker-images\/","url_meta":{"origin":27515,"position":3},"title":"PHP Docker images","author":"Leonid Mamchenkov","date":"February 14, 2019","format":false,"excerpt":"phpdaily\/php is a collection of the daily updated Docker images for a variety of PHP versions. Interestingly, these include even the most recent development versions, like PHP 8.0.","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":35248,"url":"https:\/\/mamchenkov.net\/wordpress\/2019\/02\/19\/docker-and-kubernetes-in-high-security-environments\/","url_meta":{"origin":27515,"position":4},"title":"Docker and Kubernetes in high security environments","author":"Leonid Mamchenkov","date":"February 19, 2019","format":false,"excerpt":"\"Docker and Kubernetes in high security environments\" is an interesting case-study from the Swedish Police Authority, on how to setup and maintain a high security configuration of Docker and Kubernetes. Not something that you'd think of on a daily basis, but a very handy guide for a weekend reading, or\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":46046,"url":"https:\/\/mamchenkov.net\/wordpress\/2020\/01\/30\/dive-docker-image-explorer\/","url_meta":{"origin":27515,"position":5},"title":"dive &#8211; Docker image explorer","author":"Leonid Mamchenkov","date":"January 30, 2020","format":false,"excerpt":"dive is a Docker image explorer. This is a very handy tool when you are trying to figure out how a Docker image was built and what's in it, and you don't have the original Dockerfile. It uses the meta information for each layer to show you which command was\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2020\/01\/dive.gif?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2020\/01\/dive.gif?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2020\/01\/dive.gif?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2020\/01\/dive.gif?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2020\/01\/dive.gif?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2020\/01\/dive.gif?resize=1400%2C800&ssl=1 4x"},"classes":[]}],"jetpack_sharing_enabled":true,"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts\/27515","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/comments?post=27515"}],"version-history":[{"count":0,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts\/27515\/revisions"}],"wp:attachment":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/media?parent=27515"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/categories?post=27515"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/tags?post=27515"},{"taxonomy":"keyring_services","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/keyring_services?post=27515"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}