The top ten Docker images contain over 8,000 vulnerable paths, indicating a significant security risk for users of these images. A study found that 68% of developers feel they should own the security responsibility of their Docker container images, but only 15.5% actually test them for vulnerabilities during development. The study also revealed that there is a disconnect between who owns security and how it is practiced, with many developers owning security but not actively practicing it. The most vulnerable image was the Node image, which introduced an average of 14 vulnerabilities for every 10 dependencies added. However, most vulnerabilities were rated as low severity, accounting for 74.9% of all observed vulnerabilities, making it easier for users to prioritize and remediate them. To mitigate this risk, using minimal base images that bundle only necessary system tools and libraries can help minimize the attack surface and ensure a more secure container. Snyk's tools can also help developers find and automatically fix vulnerabilities in container images and Kubernetes workloads.