0

I've been receiving security issues from Snyk's container scanning on my java 11 app. There are recommendations to update the packages inside but I can't seem to find how using Maven Jib. Below are what I've tested so far.

  • eclipse-temurin:11.0.17_8-jre
  • maven:3.8.5-eclipse-temurin-11-alpine
  • gcr.io/distroless/java11
  • java11-debian11
  • amazoncorretto:11
  • adoptopenjdk/openjdk11-alpine
  • adoptopenjdk/openjdk11-alpine-slim
  • adoptopenjdk/openjdk11-alpine-jre
RJB
  • 95
  • 3
  • 15

1 Answers1

0

Eclipse Temurin is maintained and works for me. The version eclipse-temurin:11.0.18_10-jre currently covers the high risk vulnerabilities reported by Snyk.

Sandro
  • 1,757
  • 1
  • 19
  • 29