You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Checking the latest version of the lambda/dotnet:8 image shows it is using an older version of the krb5-libs package which is vulnerable to CVE-2024-37371:
Hi team,
Checking the latest version of the
lambda/dotnet:8
image shows it is using an older version of thekrb5-libs
package which is vulnerable to CVE-2024-37371:As per ALAS-2024-688, the fix is in package version
krb5-libs-1.21.3-1.amzn2023.0.1.x86_64
.Issue also discussed in #171 for the
lambda/nodejs:20
image but I see the package was previously updated within the latest image.Can we update the package in this image as well?
The text was updated successfully, but these errors were encountered: