Analysis of 4 Million Docker Images Shows Half Have Critical Vulnerabilities
2020-12-02 14:16

Container security company Prevasio has analyzed 4 million public Docker container images hosted on Docker Hub and found that over half of them had critical vulnerabilities and that thousands of images included malicious or potentially harmful elements.

The cybersecurity firm used its Prevasio Analyzer service to analyze all the container images on Docker Hub, the largest library and community for container images.

The analysis found that 51% of the 4 million images included packages or app dependencies with at least one critical vulnerability and 13% had high-severity flaws.

According to Prevasio, these malicious or potentially harmful Docker images have been downloaded more than 300 million times.

"Regardless of the original intention, if an employee pulls from Docker Hub and then runs a coinmining container image at work, there is a very high chance that the company's resources are not used as originally intended. A system administrator might find such container images undesirable for a corporate environment or even potentially harmful," Prevasio wrote in a report detailing its findings.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/XFjXfMsphs4/analysis-4-million-docker-images-shows-half-have-critical-vulnerabilities

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Docker 24 0 19 36 20 75