IssueTracker

Issue summary: Cx is using Stream Firestore to BigQuery made by Firebase[1]. They have updated the version of this extension[1] to the latest (0.1.54). This generated a few container images for the running environment of the extension in GCP Artifactory Registry. More concretely, all 105 images in this section are for this extension because they have installed 21 instances of this extension, and each extension generated 5 images.

However, when they use Artifactory Registry scans for vulnerabilities. They found all images got the same 11 vulnerabilities, including one marked as critical[2].

The images were provided by the Firebase team and they use it as-is. They do not modify or add anything from their end.

Other information:

- The new version of the extension is giving new vulnerabilities after the scan.
- Previously some of the images were fixed by the Firebase team. However, this extension is a beta feature which is not generally available.

What you expect to happen:

A) There should be no vulnerabilities as per the new release of the extension.

[1] https://extensions.dev/extensions/firebase/firestore-bigquery-export 
[2] https://cloud.google.com/artifact-analysis/docs/scan-os-automatically