For example, tomcat’s official image



What does this mean? Is it not safe? Is there a vulnerability?

Is it easy to be attacked if used directly?

Yes, the images marked as such are thought to be vulnerable. These vulnerabilities usually come from the system they are based on or the software and dependency libraries carried by the upper-level image. Of course, it is also possible that the software itself is a problem.
This hint only indicates that the environment on which the image is based is vulnerable, and does not mean that the vulnerability will definitely be attacked.
You can choose to use its Dockerfile to rebuild the image, update the software with vulnerabilities, or protect against vulnerabilities at the firewall level.
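
A minimal sketch of the rebuild option mentioned in the answer above, added here as an example and not taken from the original answer or from the Tomcat image maintainers. It assumes the tag you use is Debian- or Ubuntu-based (so `apt-get` exists); the tag value is a placeholder.

```dockerfile
# Added example. TOMCAT_TAG is a placeholder: substitute the tag you actually deploy.
ARG TOMCAT_TAG=9.0
FROM tomcat:${TOMCAT_TAG}

# Assumption: the chosen tag is Debian/Ubuntu-based, so apt-get is available.
# Most findings reported against an official image come from OS packages in
# the base layers. Upgrading them picks up the fixes the distribution has
# already published since the image was last built.
RUN apt-get update \
 && apt-get upgrade -y --no-install-recommends \
 && rm -rf /var/lib/apt/lists/*

# This layer only fixes OS packages that have a patched version available.
# A vulnerability in Tomcat itself is fixed by moving TOMCAT_TAG to a
# release that contains the fix, not by this RUN step.
```

Build it with `docker build --pull --no-cache -t my-tomcat .` (the name `my-tomcat` is made up for this example) so the newest base layers are fetched, then rescan the result to see which findings remain.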