I also use Red Hat UBI (Universal Base Images). If you pull down any package from DockerHub (even official images) you'll be surprised about how many vulnerabilities they have.
Second this. The UBI images are meticulously maintained by Red Hat and are freely available and redistributable without a subscription. Some of the largest companies in the world are using these in production and putting dollars behind them, so you can be pretty confident that they will work and be maintained.
