Scanning and vulnerabilities Issue

I have used your image with the tag: public.ecr.aws/dwchiang/nginx-php-fpm:8.4.5-fpm-bookworm-nginx-1.27.4.

After building the application, pushing it to AWS ECR, and performing a security scan, the following vulnerabilities were detected:

CRITICAL: 4
HIGH: 129
MEDIUM: 308
LOW: 6
UNDEFINED: 950
The 4 critical vulnerabilities are:


[CVE-2024-38541](https://nvd.nist.gov/vuln/detail/CVE-2024-38541)
[CVE-2025-49796](https://nvd.nist.gov/vuln/detail/CVE-2025-49796)
[CVE-2025-49794](https://nvd.nist.gov/vuln/detail/CVE-2025-49794)
[CVE-2025-27558](https://nvd.nist.gov/vuln/detail/CVE-2025-27558)

Can you update the image to patch these vulnerabilities, or suggest a solution for me to fix them?

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Scanning and vulnerabilities Issue #24

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Scanning and vulnerabilities Issue #24

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions