Skip to content

Latest commit

 

History

History
13 lines (7 loc) · 641 Bytes

patch-cves-in-containers.md

File metadata and controls

13 lines (7 loc) · 641 Bytes

Patch CVEs in Container Images

Rapidly addressing vulnerabilities in our production container OCI images has become imperative, especially as the window between CVE disclosure and real-world exploitation continues to shrink.
Notably, resolving vulnerabilities related to the OS layer of our base image poses a challenge due to the infrequent release cycles of new operating system versions.


Here's an illustrative pipeline (github action) leveraging Copacetic to automate and streamline the patching process seamlessly.