while scanning xibo-cms:release-1.8.11 AWS identified the following 5 High vulnerabilities:
CVE-2018-14599 libx11 high 7.5 1.6.6-r0
CVE-2018-14600 libx11 high 7.5 1.6.6-r0
CVE-2017-7857 freetype high 7.5 None
CVE-2017-7858 freetype high 7.5 None
CVE-2017-7864 freetype high 7.5 None
Any suggestions on how they can be remediated ?
Thank you
Thanks for your message.
Fixes would need to be put in to Alpine Linux, and then they would be rolled in to the CMS container automatically. There does seem to be a fix for the libx11 libraries in Alpine so that’ll be in our next release automatically.
The CMS isn’t a graphical X11 application so none of those libraries will be in use. Indeed the freetype CVEs you link have no fix available for them in any case.
If you need the libx11 update applied now, you can always run apk update/upgrade inside the running container to get that newer library.