PREQUEL-2025-0110
Kubernetes Bitnami Secure Image Pull Events - Designed for Non-Prod Usage Only
Medium
Description
- Detects Kubernetes events where Bitnami Secure container images are being pulled.
- Monitors image pull operations for Bitnami Secure images which cannot be pinned to specific versions.
- Identifies usage of Bitnami Secure images that lack version pinning capabilities for production stability.
- Tracks container deployments using unpinnable Bitnami Secure images for compliance monitoring.
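One way to run the check described above over event objects such as those returned by `kubectl get events -o json`, as an added example that is not the rule's own logic. It assumes the images live under the Docker Hub namespace `bitnamisecure` and that the kubelet quotes the image reference in the event message; the sample events and the names `split_image`, `flagged_pulls` and `_ev` are constructed for illustration.

```python
import re

# Assumption: Bitnami Secure images live under the Docker Hub namespace
# "bitnamisecure"; the page does not give the rule's actual match pattern.
FLAGGED_NAMESPACE = "bitnamisecure"
DOCKER_HUB_HOSTS = {"docker.io", "index.docker.io", "registry-1.docker.io"}
IMAGE_IN_MESSAGE = re.compile(r'image "([^"]+)"')  # kubelet quotes the image ref

def split_image(ref):
    """Return (registry, repository), defaulting the registry to Docker Hub."""
    name = ref.split("@", 1)[0]                  # drop a digest, if any
    if ":" in name.rsplit("/", 1)[-1]:           # drop a tag, not a registry port
        name = name[: name.rfind(":")]
    first, _, rest = name.partition("/")
    # The first component is a registry host only if it looks like one.
    if rest and ("." in first or ":" in first or first == "localhost"):
        registry, repo = first, rest
    else:
        registry, repo = "docker.io", name
    if registry in DOCKER_HUB_HOSTS:
        registry = "docker.io"
    return registry, repo

def flagged_pulls(events):
    """Return (namespace, pod, image) for each pull event of a flagged image."""
    hits = []
    for ev in events:
        match = IMAGE_IN_MESSAGE.search(ev.get("message", ""))
        if ev.get("reason") not in ("Pulling", "Pulled") or not match:
            continue
        registry, repo = split_image(match.group(1))
        if registry == "docker.io" and repo.split("/", 1)[0] == FLAGGED_NAMESPACE:
            obj = ev.get("involvedObject", {})
            hits.append((obj.get("namespace"), obj.get("name"), match.group(1)))
    return hits

def _ev(reason, message, ns, pod):               # builds a constructed sample event
    return {"reason": reason, "message": message,
            "involvedObject": {"namespace": ns, "name": pod}}

SAMPLE_EVENTS = [                                # constructed, not real cluster data
    _ev("Pulling", 'Pulling image "docker.io/bitnamisecure/nginx:latest"', "prod", "web-1"),
    _ev("Pulled", 'Successfully pulled image "bitnamisecure/redis" in 1.2s', "dev", "cache-0"),
    _ev("Pulling", 'Pulling image "registry.example.com:5000/mirror/bitnamisecure/nginx:1.2"', "prod", "web-2"),
    _ev("Scheduled", "Successfully assigned prod/web-1 to node-a", "prod", "web-1"),
]

if __name__ == "__main__":
    print(flagged_pulls(SAMPLE_EVENTS))
```

The third sample event, a copy served from a private mirror, is not flagged because the match is made on the normalized registry and namespace rather than on a substring of the message.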
Mitigation
- Avoid Bitnami Secure images in production due to inability to pin versions.
- Use alternative container registries that support semantic versioning and pinning.
- Consider using image mirroring to create pinnable versions of required images.