Hi Elastic Team,
We used aquasec's trivy scan(Trivy) to do vuln. scan on elasticsearch docker image: docker.elastic.co/elasticsearch/elasticsearch:7.17.9
We found 4 HIGH severity vulnerabilities below:
CVE-2023-0286
CVE-2021-37136
CVE-2021-37137
CVE-2021-40690
Can you triage this and provide any necessary remediations for above vulnerabilities.
FYI we did not find any remediation steps on Security issues | Elastic page.
Here is the full scan report: Vulnerability scan of Elasticsearch v7.17.9 docker image using Trivy · GitHub