Closed sirkrypt0 closed 1 year ago
I hope the alpine team will add some priority to this since the severity for it is HIGH.
https://github.com/docker-library/official-images/pull/13854 (this is updated now)
Indeed, the latest image is updated and the vulnerability scanner is happy. Thanks :)
Hi and thanks for maintaining this!
Today our vulnerability scanner failed because of the libcrypto3/libssl3 CVE-2022-3996 vulnerability.
The version
3.0.7-r2
seems to be available on the 3.17-main with the patch applied.Running
apk upgrade libssl3 libcrypto3
in my Dockerfile manually fixes the issue.It would be awesome if you could update the
3.17
base image to include these latest fixes :)