We have built a Docker container image for a Linux Azure Function App running Python 3.7 using the instructions provided in:
Our Dockerfile is just:
FROM mcr.microsoft.com/azure-functions/python:3.0-python3.7
ENV AzureWebJobsScriptRoot=/home/site/wwwroot \
    AzureFunctionsJobHost__Logging__Console__IsEnabled=true
COPY requirements.txt /
RUN pip install -r /requirements.txt
COPY . /home/site/wwwroot
We uploaded our Docker image to JFrog Artifactory and had it scanned with XRay. The results reported over 35 critical security vulnerabilities, all of which are related to the debian:buster:linux:4.19.98-1 packages.
Are these false positives? Safe to ignore? Or are we using the wrong (or old) base image for the Azure Function Docker image?