Docker Found in AWS ColdFusion 2021 AMI – CVE Concerns and Safe Removal?

Question

Hi everyone,I've been working with the Adobe ColdFusion 2021 AMI on AWS (Windows) and noticed that Docker is installed by default. However, the ColdFusion documentation and AWS Marketplace listing don’t mention Docker as a requirement or dependency.While scanning the instance for security vulnerabilities, we identified two Docker-related CVEs:CVE-2021-21184CVE-2021-21185These are medium to high severity issues affecting Docker Desktop.Questions:Is Docker required for ColdFusion to run properly on this AMI?Can I safely uninstall Docker without impacting ColdFusion functionality?If Docker is required, can I safely upgrade it to the latest patched version?I’d appreciate any clarification or official guidance. I want to ensure we maintain a secure and minimal environment without removing something critical to the ColdFusion runtime.Thanks in advance for your help!Best,

hoang_0663 · Answer

Updated to correct CVE-2021-21284 and CVE-2021-21285

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded