Basically, the Chrome sandbox needs a non-root user as well as a different seccomp profile configuration. No idea if this helps or if you already tried this but it’s worth giving it a shot.
Which I just now (after posting) noticed was already mentioned in a different comment. Sorry!
I have no idea how Puppeteer handles this but Playwright has a little section on Chrome within Docker: https://playwright.dev/docs/docker#run-the-image
Basically, the Chrome sandbox needs a non-root user as well as a different seccomp profile configuration. No idea if this helps or if you already tried this but it’s worth giving it a shot.
Which I just now (after posting) noticed was already mentioned in a different comment. Sorry!