---
title: >-
  Publicly accessible Kubernetes service uses a container image with
  vulnerabilities
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > OOTB Rules > Publicly accessible Kubernetes service
  uses a container image with vulnerabilities
---

# Publicly accessible Kubernetes service uses a container image with vulnerabilities

## Description{% #description %}

Unpatched vulnerabilities in publicly accessible applications can increase the likelihood of exposing weaknesses, creating an entry point for attackers to gain unauthorized access to the pod or container.

## Remediation{% #remediation %}

1. Review any associated vulnerability references or advisories.
1. Apply the appropriate patch based on remediation guidance. If no patch is available, apply compensating controls such as disabling or removing the vulnerable component.
1. If public exposure is not required, restrict external access using internal service types, tighter ingress or load balancer rules, NetworkPolicies, or cloud provider firewall controls.