Closed amirschw closed 1 year ago
Both images are vulnerable since they both use alpine 3.17 for the base image.
The OpenSSL vulnerability was fixed in alpine 3.18 and can be fixed here once https://github.com/dotnet/dotnet-docker/pull/4629 is merged and new dotnet docker images are published.
https://github.com/advisories/GHSA-4wp2-xw7p-2gfx
Resource Discovery, Scraper
latest (Scraper v2.9.1, Resource Discovery v0.9.1)
No response
Upgrade to alpine 3.18
Fixed indirectly by switching from Alpine to Mariner in #2329
Report
Both images are vulnerable since they both use alpine 3.17 for the base image.
The OpenSSL vulnerability was fixed in alpine 3.18 and can be fixed here once https://github.com/dotnet/dotnet-docker/pull/4629 is merged and new dotnet docker images are published.
Vulnerability Information
https://github.com/advisories/GHSA-4wp2-xw7p-2gfx
Affected Component(s)
Resource Discovery, Scraper
Affected Version(s)
latest (Scraper v2.9.1, Resource Discovery v0.9.1)
Vulnerability Migitation
No response
Vulnerability Fix
Upgrade to alpine 3.18
Contact Details
No response