There was a minor vulnerability reported with JDK 1.13.0 1
I'm guessing we have to wait till this image is updated to use the newest minor version?
Yes.
Elasticsearch 7.6.1 uses the version 13.0.2+8 of OpenJDK.
docker run --rm docker.elastic.co/elasticsearch/elasticsearch:7.6.1 /usr/share/elasticsearch/jdk/bin/java --version
openjdk 13.0.2 2020-01-14
OpenJDK Runtime Environment AdoptOpenJDK (build 13.0.2+8)
OpenJDK 64-Bit Server VM AdoptOpenJDK (build 13.0.2+8, mixed mode, sharing)
Please use the Elasticsearch forum for non-ECK related questions like that.