docker-alpine icon indicating copy to clipboard operation
docker-alpine copied to clipboard

Published 20 hours ago verified publisher icon alpinelinux

Security Vulnerability with node:18.9.0-alpine3.16

Open subhankarc opened this issue 1 year ago • 1 comments

Environment Image Tag: node:18.9.0-alpine3.16 Current Behavior Scans reveal that the current image has the following vulnerabilities.

https://nvd.nist.gov/vuln/detail/CVE-2018-25032 https://nvd.nist.gov/vuln/detail/CVE-2022-37434

Is there a plan to mitigate these ?

I also see https://github.com/alpinelinux/docker-alpine/issues/244 states that the issue is not more there in the latest version, but we still see it in the image mentioned.

Also, https://github.com/alpinelinux/docker-alpine/issues/276 says that the issue CVE-2022-37434 is mitigated but we still get the same.

subhankarc avatar Sep 19 '22 11:09 subhankarc

@madler has done the new build, the 1.2.13 has been released with the CVE-2022-37434 fix.

Neustradamus avatar Oct 14 '22 08:10 Neustradamus