CVE-2023-29491 on python:3-slim

[JagruthNewsCorp]

Hi

I have discovered a high-vulnerability issue: python@3-slim › ncurses/libncursesw6@6.2+20201114-2 when I have used python:3-slim as a base image in Dockerfile,

May I know if there is a fix available for this?

https://security.snyk.io/vuln/SNYK-DEBIAN11-NCURSES-5421197
(https://www.cve.org/CVERecord?id=CVE-2023-29491)

[ad-m-ss]

python@3-slim is based on Debian, so we need fix upstream: https://security-tracker.debian.org/tracker/CVE-2023-29491

[tianon]

Indeed, given this is unfixed in Debian, there is not much we can do about it.

See also https://github.com/docker-library/faq#why-does-my-security-scanner-show-that-an-image-has-cves

[JagruthNewsCorp]

Okay, Thank you for the information.

[jmonsma]

Hi, just want to let you know this is fixed upstream in debian (6.2+20201114-2+deb11u2), is it possible to run a new image version?