Hardened images / Extended lifetime support

Updating to the latest version of a base image can be a difficult task as it might required changes to your application. When updating to a newer base image is not a viable option, you can stay secure by using Aikido Extended Lifetime Support (i.e. hardened images).

Aikido maintains a registry of base images containing patched versions of libraries with reported CRITICAL or HIGH severity security issues.

For example CVE-2025-4373 is fixed by Debian in Trixie and Sid but not in Bookworm. Our ELS debian:bookworm image contains a patched version of glib2.0 that fixes this vulnerability. Using this image avoids breaking changes while maintaining a good security posture.

Extended Lifetime Support image availability

In Aikido, you can view which base images have supported ELS versions from the AutoFix > Containers page.

Autofix