Security problem - CVE-2022-22704
CVE-2022-22704: The zabbix-agent2 package before 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation to root because the design incorrectly expected that systemd would (in effect) determine part of the configuration.
tried upgrading linux-tools, but that did not help. Below is a dockerfile example to reproduce the issue:
FROM mcr.microsoft.com/dotnet/core/aspnet:3.1-alpine
RUN apk update && apk add --upgrade apk-tools && apk -U upgrade
And the security(Aqua CSP) scan report: Any assistance is highly appreciated. Thanks