Please check the OpenSSL Security Advisory post for November 2022 that we published. In here you will find links to rectify OpenSSL vulnerabilities for ECS.
The recommended fix for both CVE-2022-3602 and CVE-2022-3786 is to update OpenSSL to version 3.0.7.
Depending on the Container OS that you are using, it will have different packages versions to update. For example, Ubuntu 22.04 users can upgrade the “openssl” package to version 3.0.2-0ubuntu1.7. Red Hat Enterprise Linux 9 users can upgrade the “openssl” package to version openssl-3.0.1-43.el9_0
ECS dns lookups of containersAccepted Answerasked a year ago
Amazon Inspector v2 ECR enhanced scans are not finding expected vulnerabilitiesasked a year ago
OpenSSL v3 vulnerability: Are all ECS-optimized AMIs affected or just the Amazon Linux 2022 based ones?Accepted Answerasked a month ago
Containers based on Red Hat UBI 8 not scanned in ECR by Amazon InspectorAccepted Answerasked a year ago
AWS Inspector V2 and AWS Inspector Classic findings are differentasked 21 days ago
Creating aws context for Deploying Docker containers on ECSasked 2 months ago
False positive in ECR container image detected by AWS Inspector v2 related with com.fasterxml.jackson.core:jackson-databind?asked a year ago
OpenSSL CVE-2022-3602 vulnerabilities I found in ECS containersasked 14 days ago
Amazon Linux 2 - How can I know if a CVE has been patched?asked 4 months ago
ECS containers running on private subnet can not reach elastic searchAccepted Answerasked 3 years ago