The adoption of application container technology is increasing rapidly, with 78% of vulnerabilities found in indirect dependencies making remediation complex. The top ten most popular Docker images each contain at least 30 publicly known vulnerabilities, including the official Node.js image which ships 580 vulnerable system libraries. Snyk's recently released Docker scanning capabilities have found that 44% of Docker image scans had known vulnerabilities, and for many cases, newer and more secure base images were available. The use of an alias like `node:10` can lead to exposure to multiple vulnerabilities, whereas using a specific version tag like `node:10.8.0-jessie` can help reduce the attack surface by recommending newer images with fewer vulnerabilities. Additionally, there is an increase in ReDoS vulnerabilities in npm and XSS continues to grow, highlighting the need for developers to take security seriously.