openjdk:8 vulnerabilities

[pawank0411]

There are multiple open vulnerabilities reported for the application which uses the openjdk:8 docker image based on Debian.

A few of them are :

CVE-2018-25032
CVE-2019-20367
CVE-2020-24659
CVE-2020-35525
CVE-2020-35527
CVE-2020-8169
CVE-2020-8177
CVE-2020-8285
...

Can you please provide an alternative stable image for jdk8 that we can use in order to avoid these vulnerabilities or let us know if these are FP?

[wglambert]

See https://github.com/docker-library/docs/tree/master/openjdk

This image is officially deprecated and all users are recommended to find and use suitable replacements ASAP. Some examples of other Official Image alternatives (listed in alphabetical order with no intentional or implied preference):

amazoncorretto
eclipse-temurin
ibm-semeru-runtimes
ibmjava
sapmachine
See #505 for more information.