alpinelinux / docker-alpine

Official Alpine Linux Docker image. Win at minimalism!
MIT License

Latest Alpine image having vulnerabilities #225

Closed hanumanin closed 2 years ago

hanumanin commented 2 years ago

The images 3.15.0, 3.15 are failing the Aqua scan, and the older images as well.

hanumanin commented 2 years ago

https://nvd.nist.gov/vuln/detail/CVE-2022-22704 this is causing the vulnerability

jap-expi commented 2 years ago

Just started to see all of these critical and high CVEs related to Alpine 3.15.0. Is there an ETA on when Alpine 3.15.0 will be updated with the expat:2.4.3-r0 release?

    CVSSv3_critical: 3
    CVSSv3_high: 5
    cpe: pkg:/alpine:3.15.0:expat:2.4.1-r0
    path: N/A
    resource: expat
    version: 2.4.1-r0
    vulnerabilities:
      cve: CVE-2022-22822
      nvd_url: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22822
      score: 9.8
      severity: critical

      cve: CVE-2022-22823
      nvd_url: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22823
      score: 9.8
      severity: critical

      cve: CVE-2022-22824
      nvd_url: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22824
      score: 9.8
      severity: critical

      cve: CVE-2022-22826
      nvd_url: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22826
      score: 8.8
      severity: high

      cve: CVE-2022-22827
      nvd_url: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22827
      score: 8.8
      severity: high

      cve: CVE-2022-22825
      nvd_url: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22825
      score: 8.8
      severity: high

      cve: CVE-2021-46143
      nvd_url: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-46143
      score: 7.8
      severity: high

      cve: CVE-2021-45960
      nvd_url: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45960
      score: 7.5
      severity: high

ncopa commented 2 years ago

1) alpine 3.15.3 is out
2) we don't ship expat with the alpine base image
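One way to check where a finding like this comes from is to read the image's apk installed-package database (`/lib/apk/db/installed`) and see whether the flagged package is present at all. This is an added example, not code from the thread or from the Alpine project: the database contents are constructed samples, `2.4.3-r0` is the release mentioned in the thread, and the version comparison is a simplification that handles only dotted numbers with a `-rN` suffix.

```python
import re

# Constructed sample of /lib/apk/db/installed: records are separated by blank
# lines, each line is "<key>:<value>" (P = package name, V = version).
BASE_DB = """\
P:musl
V:1.2.2-r7
A:x86_64

P:busybox
V:1.34.1-r5
A:x86_64
"""

# Constructed: the same database after a later layer ran `apk add expat`.
APP_DB = BASE_DB + """
P:expat
V:2.4.1-r0
A:x86_64
"""

def installed_packages(db_text):
    """Return {name: version} parsed from apk installed-database text."""
    pkgs = {}
    for record in re.split(r"\n\s*\n", db_text.strip()):
        fields = dict(l.split(":", 1) for l in record.splitlines() if ":" in l)
        if "P" in fields and "V" in fields:
            pkgs[fields["P"]] = fields["V"]
    return pkgs

def version_key(version):
    """Simplified ordering: dotted numeric part plus -rN (no _rc/_p or letters)."""
    m = re.fullmatch(r"(\d+(?:\.\d+)*)(?:-r(\d+))?", version)
    if not m:
        raise ValueError(f"unsupported version format: {version}")
    return tuple(int(p) for p in m.group(1).split(".")), int(m.group(2) or 0)

def triage(db_text, package, fixed_version):
    """Classify a scanner finding against what the image actually contains."""
    installed = installed_packages(db_text).get(package)
    if installed is None:
        return "not-installed"
    if version_key(installed) < version_key(fixed_version):
        return f"vulnerable ({installed} < {fixed_version})"
    return f"fixed ({installed})"

if __name__ == "__main__":
    for name, db in (("base", BASE_DB), ("app", APP_DB)):
        print(name, triage(db, "expat", "2.4.3-r0"))
```

A `not-installed` result for the base image and a `vulnerable` result for the derived image means the fix belongs in the layer that adds the package, not in the base tag.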