This is also the case for server containers, and I do worry about the day that some critical low level library that is in thousands of containers has a security bug. Yes, many shops are using CI to push out new containers regularly. Others are deploying containers from third-parties, without any regular updates or path to fixing security problems.