Closed xserrat closed 9 months ago
Sorry for the delay -- this image has since been rebuilt several times and thus would've picked up any available updates to this distribution-provided package, but you might find https://github.com/docker-library/faq#why-does-my-security-scanner-show-that-an-image-has-cves to be interesting/useful regardless.
No problem, thanks for the reply!
Hi,
Using the
php-8.X
andphp-7.X
images as base image I found a vulnerability that is considered as critical related to the openssh agent.I didn't see the vulnerability appearing in DockerHub so I wanted to share with you the issue.
A way to fix it is by upgrading the OpenSSH version into a version equal or greater than
9.3p2
as commented in the CVE.Thanks.