Replicated continuously performs CVE scans on all our images and updates all vulnerabilities with a fix for every release.
To obtain a list of our patched CVEs, email security@replicated.com.
Replicated uses the following base images:
quay.io/replicated/replicated alpine:latest
quay.io/replicated/replicated-operator alpine:latest
quay.io/replicated/replicated-ui alpine:latest
registry.replicated.com/library/cmd ubuntu:trusty
registry.replicated.com/library/premkit alpine:3.6
registry.replicated.com/library/retraced-api debian:stretch-slim
registry.replicated.com/library/retraced-cron debian:stretch-slim
registry.replicated.com/library/retraced-db debian:stretch-slim
registry.replicated.com/library/retraced-nsq alpine:latest
registry.replicated.com/library/retraced-postgres postgres:10.3
registry.replicated.com/library/retraced-processor debian:stretch-slim
registry.replicated.com/library/statsd-graphite alpine:latest
registry.replicated.com/library/support-bundle debian:stretch-slim