Hello Everyone,
We are using the Grafana version 7.4.3 running in a docker (grafana/grafana:7.4.3) container in Azure environment. Recently we have found the below high alerts related to the alpine version used in this 7.4.3 docker image.
CVE-2022-0778 - Alpine Linux has released a security update for openssl to fix the vulnerabilities.
CVE-2021-36159 - Alpine Linux has released a security update for apk-tools to fix the vulnerabilities.
CVE-2022-28391 - Alpine Linux has released a security update for busybox to fix the vulnerabilities.
If we upgrade to the latest version of Grafana 9.0.1 docker version will it resolve all these vulnerabilities ? We could not find it anywhere mentioned that the latest version would resolve these CVEs.
Can you please advise?