Regarding the security of the ELK stack docker images

signum · May 13, 2021, 8:52am

Hi, I am trying out the docker version of the ELK stack, and have noted that when I scan it using trivy / "docker scan", it is showing some OS related vulnerabilities for libraries such curl etc. Can I understand if these findings are accurate and if anyone is able to advise on this?

Thank you for any advice on this matter!

austinsonger · May 14, 2021, 5:04pm

If the docker container you are using isn't from the following elastic's Profile (docker.com), then there isn't much Elastic can help you on.
Can you send the link to the elk docker your using (Github or Docker Hub)
Can you send the CVE numbers for the vulnerabilities?
I would recommend you to use this ELK docker by Swimlane GitHub - swimlane/elk-tls-docker: This repository contains code to create a ELK stack with certificates & security enabled using docker-compose

signum · May 19, 2021, 1:14am

Hi,

This would be from docker.elastic.co/elasticsearch/elasticsearch:latest

The CVEs are mainly related to the centos side of the containers, will highlight some of them here:

i) CVE-2021-22876
ii) CVE-2020-8625
iii) CVE-2021-20305

I will take a look at the Swimlane ELK Docker as well, thank you for the info!

Topic		Replies	Views
Security Vulnerability in ELK stack during docker scan by twistlock Elasticsearch	2	581	June 22, 2021
Docker image vulnerabilies Elasticsearch docker	6	1566	July 4, 2019
Openssl-1.1.1f-1ubuntu2.24 in ELK docker container with critical vulnerability Elastic Search docker	2	69	April 17, 2025
Security vulnerabilities in Elasticsearch docker images - v 8.2.0 Elasticsearch docker	3	510	June 23, 2022
High Vulnerabilities found in Elasticsearch docker image v7.17.9 Elasticsearch docker	3	827	March 20, 2023

Regarding the security of the ELK stack docker images

Related topics