OpenSSL CVE-2022-3602 vulnerabilities I found in ECS containers

0

Hello, After checking AWS Inspector for CVE vulnerabilities I found that they are in ECS containers of our application. How do I fix container vulnerabilities please? Thank you in advance

2 réponses
0

Please check the OpenSSL Security Advisory post for November 2022 that we published. In here you will find links to rectify OpenSSL vulnerabilities for ECS.

profile pictureAWS
répondu il y a un an
0

The recommended fix for both CVE-2022-3602 and CVE-2022-3786 is to update OpenSSL to version 3.0.7.

Depending on the Container OS that you are using, it will have different packages versions to update. For example, Ubuntu 22.04 users can upgrade the “openssl” package to version 3.0.2-0ubuntu1.7. Red Hat Enterprise Linux 9 users can upgrade the “openssl” package to version openssl-3.0.1-43.el9_0

profile pictureAWS
répondu il y a un an

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions