Chrome CVE made me go digging and I found a container image in prod that hasn't been updated since 2023

So this new Chrome zero-day got me paranoid about our headless browser containers. Started auditing and found a PDF generation service running a Chrome image from early 2023. Thing's been chugging along in prod this whole time, processing user uploads. Makes you wonder what else is lurking out there. Base images get forgotten so easily once they're working. Now I'm writing a policy to flag anything over 6 months old for review.   submitted by   /u/proigor1024 [link]   [comments]

Source: https://www.reddit.com/r/netsec/comments/1rdv2fl/chrome_cve_made_me_go_digging_and_i_found_a/