CVE Fixes Available? Follow Up to issue #15150
As Follow Up to Issue #15150 (closed), the following CVE: Have been flagged Security Scanners as having a Vendor Dependency Vulnerability located on Various Alpine Versions Images. We have the following list and corresponding CVE# (please see table below) listed for responses needed. Please let us know if we are submitting this incorrectly and or need to be posting in other areas of this UI.
**Alpine Version:Pkg:Release | CVE # | Alpine Linux Response**
alpine://3.12:libssl1.1:1.1.1g-r0 |CVE-2021-4160 |
alpine://3.13:git:2.30.2-r0 | CVE-2022-31012 |
alpine://3.13:git:2.30.2-r0 | CVE-2022-41953 |
alpine://3.13:sqlite-libs:3.34.1-r | CVE-2022-46908 |
alpine://3.13:zfs:2.0.1-r0 | CVE-2013-20001 |
alpine://3.15:freeradius-lib:3.0.25-r1 | CVE-2022-41861 |
alpine://3.15:freeradius-lib:3.0.25-r1 | CVE-2022-41860 |
alpine://3.15:freeradius-lib:3.0.25-r1 | CVE-2022-41859 |
alpine://3.15:libwbclient:4.15.13-r0 | CVE-2021-20251 |
alpine://3.15:libwbclient:4.15.13-r0 | CVE-2023-0614 |
alpine://3.15:libwbclient:4.15.13-r0 | CVE-2023-0225 |
alpine://3.15:libwbclient:4.15.13-r0 | CVE-2023-0922 |
alpine://3.15:samba-util-libs:4.15.13-r0 | CVE-2018-14628 |
alpine://3.16:linux-pam:1.5.2-r0 | CVE-2022-28321 |
alpine://3.16:linux-pam:1.5.2-r0 | CVE-2022-28321 |
alpine://3.16:mariadb-client:10.6.14-r0 | CVE-2022-47015 |
alpine://3.16:sudo:1.9.10-r0 | CVE-2023-28487 |
alpine://3.16:sudo:1.9.10-r0 | CVE-2023-28486 |
alpine://3.17:freetype:2.12.1-r0 | CVE-2023-2004 |
alpine://3.17:libpng:1.6.38-r0 | CVE-2022-3857 |
alpine://3.17:python3:3.10.11-r0 | CVE-2023-24329 |
alpine://3.16:python3:3.10.12-r0 | CVE-2023-24329 |
alpine://3.17:python3-dev:3.10.12-r0 | CVE-2023-24329 |
alpine://3.17:python3:3.10.11-r0 | CVE-2023-27043 |
alpine://3.17:python3:3.10.11-r0 | CVE-2023-27043 |
alpine://3.17:zstd-libs:1.5.5-r0 | CVE-2022-4899 |
alpine://3.18:zstd-libs:1.5.5-r4 | CVE-2022-4899 |