Regarding the security of the ELK stack docker images

Hi, I am trying out the docker version of the ELK stack, and have noted that when I scan it using trivy / "docker scan", it is showing some OS-related vulnerabilities for libraries such as curl etc. Can I understand if these findings are accurate and if anyone is able to advise on this?

Thank you for any advice on this matter!

  1. If the docker container you are using isn't from Elastic's profile (docker.com), then there isn't much Elastic can help you with.
  2. Can you send the link to the ELK docker you're using (GitHub or Docker Hub)?
  3. Can you send the CVE numbers for the vulnerabilities?
  4. I would recommend you use this ELK docker by Swimlane: GitHub - swimlane/elk-tls-docker: This repository contains code to create an ELK stack with certificates & security enabled using docker-compose

Hi,

This would be from docker.elastic.co/elasticsearch/elasticsearch:latest

The CVEs are mainly related to the CentOS side of the containers; I will highlight some of them here:

i) CVE-2021-22876
ii) CVE-2020-8625
iii) CVE-2021-20305

I will take a look at the Swimlane ELK Docker as well, thank you for the info!
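
Added example, not part of any post in this thread: one way to triage a Trivy JSON report so that OS-layer findings (the "CentOS side" mentioned above) are separated from application-dependency findings and split by whether a fixed package version is listed. The report below is constructed; only the three CVE IDs come from the thread, while the target, package names, versions and fix status are placeholders.

```python
import json
from collections import defaultdict

# Constructed sample shaped like `trivy image --format json` output (schema v2).
# CVE IDs are the three quoted in the thread; target, package names, versions
# and fix status are placeholders invented for this example.
SAMPLE_REPORT = json.loads("""
{"SchemaVersion": 2, "Results": [
  {"Target": "example-image (centos)", "Class": "os-pkgs", "Type": "centos",
   "Vulnerabilities": [
    {"VulnerabilityID": "CVE-2021-22876", "PkgName": "curl",
     "InstalledVersion": "PLACEHOLDER", "FixedVersion": "PLACEHOLDER-FIXED"},
    {"VulnerabilityID": "CVE-2021-22876", "PkgName": "libcurl",
     "InstalledVersion": "PLACEHOLDER", "FixedVersion": "PLACEHOLDER-FIXED"},
    {"VulnerabilityID": "CVE-2020-8625", "PkgName": "bind-export-libs",
     "InstalledVersion": "PLACEHOLDER", "FixedVersion": ""},
    {"VulnerabilityID": "CVE-2021-20305", "PkgName": "nettle",
     "InstalledVersion": "PLACEHOLDER", "FixedVersion": "PLACEHOLDER-FIXED"}]},
  {"Target": "Java", "Class": "lang-pkgs", "Type": "jar"}
]}
""")


def triage(report):
    """Return {(class, fix_status): {cve_id: [packages]}} for a Trivy report."""
    buckets = defaultdict(lambda: defaultdict(set))
    for result in report.get("Results") or []:
        cls = result.get("Class", "unknown")
        # Trivy omits "Vulnerabilities" (or sets it to null) for clean targets.
        for vuln in result.get("Vulnerabilities") or []:
            status = "fix-available" if vuln.get("FixedVersion") else "no-fix-yet"
            buckets[(cls, status)][vuln["VulnerabilityID"]].add(vuln["PkgName"])
    return {key: {cve: sorted(pkgs) for cve, pkgs in cves.items()}
            for key, cves in buckets.items()}


if __name__ == "__main__":
    for (cls, status), cves in sorted(triage(SAMPLE_REPORT).items()):
        print(f"{cls} / {status}")
        for cve, pkgs in sorted(cves.items()):
            print(f"  {cve}: {', '.join(pkgs)}")
```

For a real scan, pass `triage()` the parsed contents of the file written by `trivy image --format json --output report.json <image>`.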
