Describe the issue:
PRISMA scan (container scan) for OpenSearch (v2.3) and OpenSearch Dashboards (v2.3) is showing 4 critical and 69 high vulnerabilities (for OpenSearch) and 4 critical and 55 high vulnerabilities (for OpenSearch Dashboards) respectively.
Has this been addressed? Is there any way to work around the same? We as an organization were planning to use this version for some of the applications being readied for production/UAT deployment.
Any suggestions in this regard would be highly helpful.
Configuration:
opensearch v2.3.0 and opensearchdashboard v2.3.0
Relevant Logs or Screenshots:
Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
-opensearch-operator/actions/runs/8631421902/job/23659795972#step:5:13)/actions-runner/_work/_tool/twistcli/32.04.112/x64/twistcli images scan --address *** --user *** --password *** --output-file pcc_scan_results.json --details ghcr.io//docker.io/opensearchproject/opensearch:2.3.0
Results -
Vulnerabilities found for image /docker.io/opensearchproject/opensearch:2.3.0: total - 179, critical - 4, high - 69, medium - 80, low - 26
Vulnerability threshold check results: FAIL
Scan failed due to vulnerability policy violations: Default - Rule for High and Critical, 73 vulnerabilities. Blocking vulnerabilities by severity OR by risk factors. Severity distribution : [high:39 important:30 critical:4]