libcrypto and libssl CVEs

Question

libcrypto and libssl CVEs

Closed this issue 3 years ago · 2 comments

The latest docker image (2.0.3) currently contains Critical and High CVEs (CVE-2021-3711) and (CVE-2021-3712) in libcrypto and libssl. These should be fixed in the latest version of the base image alpine.

https://nvd.nist.gov/vuln/detail/CVE-2021-3711

https://nvd.nist.gov/vuln/detail/CVE-2021-3712

Answer 1 · 2021-11-04T20:29:29.000Z

@BrianKopp Thanks for reporting this.

Answer 2 · 2021-11-04T21:25:54.000Z

@BrianKopp This should be fixed in https://github.com/hipages/php-fpm_exporter/releases/tag/v2.0.4