docker icon indicating copy to clipboard operation
docker copied to clipboard
verified publisher icon craftcms

Security vulnerabilities reported in container re. libpq and zlib

Open elivz opened this issue 3 years ago • 1 comments

Description

Our automated Sysdig scan is currently showing two known vulnerabilities in dependencies of the Docker container. Not sure if this is anything you can or should deal with, or if we just need to wait for it to be fixed upstream, but putting here for reference.

- CVE-2022-2625    High     libpq-14.4-r0      APKG     14.5-r0          https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2625
- CVE-2022-37434   Critical zlib-1.2.12-r1     APKG     1.2.12-r2        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434

elivz avatar Aug 31 '22 18:08 elivz

Rebuilding now to get any remediations that exist upstream https://github.com/craftcms/docker/actions/runs/2966593884

timkelty avatar Aug 31 '22 19:08 timkelty

That did the trick. Thanks Tim!

elivz avatar Sep 01 '22 12:09 elivz