Self-hosters left vulnerable to XSS vuln due to second-class Docker support

markstos · January 31, 2026, 4:44pm

Ghost 6.15 was released with a security fix for an XSS vulnerability in the portal.

Bad actors are now aware of the vulnerable, but no new Docker image is available to install with the fix. A fix is being worked out here, in a third-party repo:

github.com/docker-library/ghost

Docker builds fail because `git` is missing for `ghost-cli` install

opened 09:22PM - 27 Jan 26 UTC

zac

### Summary Building the official Dockerfiles for bookworm and alpine fails duri…ng `npm install -g ghost-cli@1.28.4` with `ENOENT spawn git`. The images do not have `git` installed at that layer, and `ghost-cli`'s npm install requires it. ### Environment - Host OS: macOS (darwin) - Date: 2026-01-27 - Docker: legacy builder (not BuildKit) - Architecture: arm64 (Apple Silicon) - Repo paths: `5/bookworm/Dockerfile`, `6/alpine3.23/Dockerfile` ### Reproduction (bookworm) ```bash docker build -f 5/bookworm/Dockerfile . ``` ### Reproduction (alpine) ```bash docker build -f 6/alpine3.23/Dockerfile . ``` ### Actual Result Build fails on the `ghost-cli` install step: ``` npm error code ENOENT npm error syscall spawn git npm error path git npm error enoent An unknown git error occurred ``` ### Expected Result Image builds successfully, including `ghost-cli` installation. ### Notes - The failure happens at: - `5/bookworm/Dockerfile`: Step `npm install -g "ghost-cli@$GHOST_CLI_VERSION"` - `6/alpine3.23/Dockerfile`: same step - This wasn't happening as recently as yesterday, although it's also possible I had caches that hid the build issue. - I originally reproduced this exact issue in Github CI, so I'm assuming my build environment isn't at issue here, but it could be! ### Local Workaround (Minimal Diff) I was able to build successfully locally with the following minimal change in `5/bookworm/Dockerfile`: ```diff @@ ENV GHOST_CLI_VERSION 1.28.4 RUN set -eux; \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends ca-certificates git; \ + git config --system url."https://github.com/".insteadOf "ssh://git@github.com/"; \ + git config --system url."https://github.com/".insteadOf "git@github.com:"; \ npm install -g "ghost-cli@$GHOST_CLI_VERSION"; \ npm cache clean --force ```

It would great if the Ghost team could check that security fixes are going to build and release with Docker in a timely manner so self-hosters aren’t left exposed.

vikaspotluri123 · January 31, 2026, 7:07pm

Is it correct to say that the Docker (preview) setup from Ghost depends on the Ghost (by Docker) image?

markstos · January 31, 2026, 7:19pm

From looking at the Docker Compose file, that’s the way it appears to me.

KBExit · February 1, 2026, 2:28am

~~The last time I looked, the last docker update is at least 7 days ago :(~~
~~Update: Docker updated 3 hours ago.~~
Update #2: 6.14.0 is the latest version available to Docker Hub still.

ngeorger · February 1, 2026, 5:02am

You can always build your own images, in my case I use a hardened version available at GitHub - sredevopsorg/ghost-on-kubernetes: Ghost on Kubernetes by SREDevOps.org - Deploy Ghost v6 on Kubernetes (k8s, k3s, etc) with our hardened distroless rootless custom image.

disgustipated · February 1, 2026, 5:38pm

Yeah, it would be nice to have docker hub update a little faster, or have a “nightly” tag or something. I’ve been using that method for the past few years and its always like a week behind. Its nice for if there might be something broken in a specific release so you dont get the bleeding edge but for vulnerabilities it kinda sucks.

markstos · February 1, 2026, 6:05pm

This is about more than just timeliness, it’s about:

Ghost team not testing themselves if the Docker image they are promoting works before a release is made, which can leave self-hosters vulnerable
It’s about about security in general.

For more than a year, there’s been an alternate, hardened image available that has fewer potential vulnerabilities detected. Today, the published Ghost 6.14 image published has 3 critical vulns detected and 35 “high” vulnerability. My job involved remediating such vulns, and organizations that take such vulns seriously have policies like dealing with critical vulns within 24 or 48 hours and high severity vulns within a week or two.

The alternate approach is a smaller, hardened image addresses about half of these vulns without modifying Ghost itself– solely by using best practices in how the Docker image is constructed:

Ghost could be helping protect the ecosystem by building or promoting more secure image.

In the “Ghost-dev” Dockerfile in the team’s repo, ghost-cli is used to build their image– a complex dependency which is used both the official and the hardened “ghost-on-kubernetes” image. The promoted images could be further improved by dropping the ghost-cli dependency. According to the original bug report about this, it was problem in a sub-dependency of ghost-cli that triggered the failure of the 6.15 image to automatically build. Eliminating ghost-cli as a dep would eliminate that entire class of errors.

ngeorger · February 1, 2026, 7:37pm

BTW, the Ghost image from Docker library is not maintained nor supported by the Ghost team. Just sayin’

markstos · February 1, 2026, 7:46pm

Understood, but the Ghost Image from Docker is used by Ghost in the official compose.yml file in the official ghost-docker repo, which is recommended to used in the official Docker installation instructions:

github.com/TryGhost/ghost-docker

compose.yml

main

---
# yaml-language-server: $schema=https://raw.githubusercontent.com/compose-spec/compose-spec/main/schema/compose-spec.json
services:
  caddy:
    image: caddy:2.10.2-alpine@sha256:953131cfea8e12bfe1c631a36308e9660e4389f0c3dfb3be957044d3ac92d446
    restart: always
    ports:
      - "80:80"
      - "443:443"
    environment:
      DOMAIN: ${DOMAIN:?DOMAIN environment variable is required}
      ADMIN_DOMAIN: ${ADMIN_DOMAIN:-}
      ACTIVITYPUB_TARGET: ${ACTIVITYPUB_TARGET:-https://ap.ghost.org}
    volumes:
      - ./caddy:/etc/caddy
      - caddy_data:/data
      - caddy_config:/config
    depends_on:
      - ghost
    networks:

This file has been truncated. show original

So if you follow the official guidance for installing Ghost using docker, you end up running this third-party maintained image, which has roughly twice as many detected security vulnerabilities as the “ghost-for-kubernetes” third-party Ghost image.

markstos · February 1, 2026, 8:16pm

Ghost has their own Docker Hub account and publishes several images, including one that appears to be published through automation, but none of them are for the Ghost software itself:

curiositry · February 3, 2026, 3:33am

Looks like the Docker image has been updated to Ghost 6.16.1:

mulderfrank · February 3, 2026, 5:00pm

Yes, confirmed. I was able to upgrade!

markstos · February 3, 2026, 5:04pm

The immediate issue has been addressed, while all the longer-term issues around Ghost container support remain:

Nothing has changed to prevent this situation from happening again– having a vuln disclosed without a workiner container release with the fix.
The Docker image recommended by Ghost has about 2x the number of detected vulns as an alternative way to build the image.

christopher-b · February 6, 2026, 2:53pm

I would like to add my support to this: Ghost needs improved Docker support. I understand that Docker support is in “preview”, but if it’s being promoted as a hosting option, it should get proper security maintenance.

muratcorlu · February 6, 2026, 3:05pm

I think it’s worth to mention this issue here, about security concerns for Docker Hub Ghost image:

TLDR; they find the vulnerabilities reported as either false-positives, or not related with docker image itself.

And last incident that blocked them to release new version was also a potential security flaw, because of the a nested NPM repository used a git repository as the dependency. But unluckily that release was also fixing another security issue.

Those aside, I would also like to have a Docker build right inside Ghost repository, and an automated GitHub build immediately with a version release.

markstos · February 6, 2026, 3:30pm

The ghost-on-kubernetes project has an alternate image. They are working on making it compatible with the Docker Hub image:

github.com/sredevopsorg/ghost-on-kubernetes

Improve compatibility with Ghost Docker image by supporting the same paths

opened 03:45AM - 02 Feb 26 UTC

markstos

enhancement good first issue docker

**Is your feature request related to a problem? Please describe.** The Ghost Do…cker Hub image expects content to be below `/var/lib/ghost`, while this image expects content below `/home/nonroot/apps/ghost`. For people moving from the Ghost image to this one, it would be helpful if it could "just work" without requiring changing volume mount paths. **Describe the solution you'd like** It seems like this out to possible by adding one two symlinks to the image to support either directive path to be used. Or maybe there would would be other problems anyway due to file ownership and permission differences? In that case, maybe that kind of compatibility is not worth it.

Once that’s done, there might be an easy migration path from the Docker Hub image to something more secure.

sheik21 · February 7, 2026, 11:03am

From looking at the Docker Compose file, that’s the way it appears to me

markstos · February 16, 2026, 1:30am

It looks like Node.js had a similar situation recently, where their OCI images were updated promptly after a security release:

One of their core contributors posted that this merited a post-mortem review, and they are working an updated process to prevent it from happening again. Well done.

markstos · February 16, 2026, 6:26pm

Ghost has again publicized a vulnerability in their software without a published Docker image without a published Docker image which contains the fix. Ghost has published 6.19.1 with a SQL injection fix, but the most recent Docker Official Image is at 6.18.2.

After this happened last time, I started collaborating with @ngeorger on a more secure alternate image and there’s now one that he created and I’ve successfully tested with 6.19.0. Perhaps he can push a 6.19.1 release soon.

Keep an eye out here, and look for releases with a -docker suffix. This is very new, and trying it out on a dev site is recommended!

I just submitted a patch to better document the new container option here:

As I mentioned there: “If you are moving from the Docker Hub image and don’t want to change the ownership of all your files, you can continue to use the same user with this image by specifying --user 100:1000 on a docker run line or updating a compose.yml file where you set image: to also set user: 1000:1000"

I submitted a second patch to start down the path of having these alternate images automatically published when Ghost makes a new release.

github.com/sredevopsorg/ghost-on-kubernetes

ci: Automate building new '-docker' releases when there's a release. (#639)

main ← markstos:setup-automatic-builds

opened 01:26PM - 16 Feb 26 UTC

markstos

+72 -0

This PR was generated with AI assistance and needs testing by someone with permi…ssion to make builds. If you have the `gh` CLI (It's nice, I recommend it!), you can test it like this: ``` gh workflow run check-ghost-releases.yaml ``` Currently on building `-docker` builds are automated. You may wish to extend this to building the main and `-dev` builds as well.

markstos · February 16, 2026, 7:11pm

Great news. @ngeorger acted fast to publish a release and I’ve tested it on three Ghost blogs of my own. The image path is:

ghcr.io/sredevopsorg/ghost-on-kubernetes:v6.19.1-docker

The Dockerfile is linked below if you wish to inspect it. Note my comments above about setting the user explicitly to 1000:1000 for compatibility with existing Ghost installs and testing it first on a dev site, or waiting for some other people to post their test results here.

For example, I mount my config file into the container. This has not been tested much or at all for setups that configure using exclusively env vars.

github.com/sredevopsorg/ghost-on-kubernetes

Dockerfile-docker.dockerfile

main

# This Dockerfile is used to build a container image for running Ghost, a popular open-source blogging platform, on Docker.
# The image is built with official Node 22 on Debian Trixie (LTS Jod)  image and uses the Google's Distroless nodejs22-debian13 image in the runtime for security and minimalism.

# Stage 1: Build Environment
FROM docker.io/node:jod-trixie@sha256:a749bc973cd21d41d36889e0b67c4ee59ef9519d557885ad90c9c7c43927233f AS build-env
USER root
# Installs dependencies for sqlite3 node dependencies
RUN apt update && \
    apt install -y python3-setuptools build-essential libsqlite3-dev

# Create a new user and group named "nonroot" with the UID 65532 and GID 65532, not a member of the root, sudo, and sys groups, and set the home directory to /home/nonroot.
# This user is used to run the Ghost application in the container for security reasons.
RUN groupadd -g 65532 nonroot && \
    useradd -u 65532 -g 65532 -d /home/nonroot nonroot && \
    usermod -aG nonroot nonroot && \
    mkdir -pv /home/nonroot && \
    mkdir -pv /var/lib/ghost && \
    chown -Rfv 65532:65532 /home/nonroot && \
    chown -Rfv 65532:65532 /var/lib/ghost

This file has been truncated. show original

Topic		Replies	Views
Official Docker based ghost from Ghost team itself Ideas 🚧-rejected	3	1294	July 8, 2018
Docker release not published for v5.118.0 Using Ghost	1	44	April 21, 2025
Docker Nightly Image? Contributing to Ghost	2	175	December 2, 2024
Breaking docker images Developer help	3	488	April 9, 2019
Sharing Docker images of local Ghost blog for collaboration Self-hosting	0	519	December 1, 2022

Related topics