Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE-2023-1255 in alpine 3.17 base images #2308

Closed
amirschw opened this issue May 22, 2023 · 1 comment
Closed

CVE-2023-1255 in alpine 3.17 base images #2308

amirschw opened this issue May 22, 2023 · 1 comment
Assignees
@tomkerkhove
Labels
security All issues related to security

Comments

@amirschw
Copy link
Contributor

Report

Both images are vulnerable since they both use alpine 3.17 for the base image.

The OpenSSL vulnerability was fixed in alpine 3.18 and can be fixed here once dotnet/dotnet-docker#4629 is merged and new dotnet docker images are published.

Vulnerability Information

GHSA-4wp2-xw7p-2gfx

Affected Component(s)

Resource Discovery, Scraper

Affected Version(s)

latest (Scraper v2.9.1, Resource Discovery v0.9.1)

Vulnerability Migitation

No response

Vulnerability Fix

Upgrade to alpine 3.18

Contact Details

No response
@amirschw amirschw added the security All issues related to security label May 22, 2023
@amirschw amirschw mentioned this issue Jun 15, 2023
Closed
@amirschw
Copy link
Contributor Author

Fixed indirectly by switching from Alpine to Mariner in #2329

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tomkerkhove tomkerkhove

Labels
security All issues related to security
Projects
Promitor Roadmap
Status: Ready To Ship
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

chore(deps): update linux base image tags to alpine3.18 amirschw/promitor
2 participants
@tomkerkhove @amirschw