OpenSSH in Alpine 3.17 has the following vulnerability: CVE-2023-28531
Alpine 3.17 OpenSSH 9.1_p1-r2 has ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.
https://nvd.nist.gov/vuln/detail/CVE-2023-28531
Alpine 3.17 openSSH package has the following offending version available 9.1_p1-r2. The ask is to have a version 9.3_p1-r3 available which remediates the vulnerability.