Hi,
We are using the latest TLS version of Tyk and we found 2 vulnerabilities with critical and high risk.
What is the SLA for resolving those risks?
Thanks
Vulnerability information below:
✗ High severity vulnerability found in systemd/libsystemd0
Description: Allocation of Resources Without Limits or Throttling
Info: Allocation of Resources Without Limits or Throttling in systemd | CVE-2023-50387 | Snyk
Introduced through: systemd/[email protected]~deb12u1, [email protected], [email protected]+deb12u1, util-linux/bsdutils@1:2.38.1-5+deb12u1, systemd/[email protected]~deb12u1
From: systemd/[email protected]~deb12u1
From: [email protected] > systemd/[email protected]~deb12u1
From: [email protected]+deb12u1 > systemd/[email protected]~deb12u1
and 5 more…
Image layer: Introduced by your base image (tykio/tyk-gateway:v5.3.2)
Fixed in: 252.23-1~deb12u1
✗ Critical severity vulnerability found in zlib/zlib1g
Description: Integer Overflow or Wraparound
Info: Integer Overflow or Wraparound in zlib | CVE-2023-45853 | Snyk
Introduced through: zlib/zlib1g@1:1.2.13.dfsg-1, [email protected]+deb12u1, [email protected], [email protected]
From: zlib/zlib1g@1:1.2.13.dfsg-1
From: [email protected]+deb12u1 > zlib/zlib1g@1:1.2.13.dfsg-1
From: [email protected] > apt/[email protected] > zlib/zlib1g@1:1.2.13.dfsg-1
and 2 more…
Image layer: Introduced by your base image (tykio/tyk-gateway:v5.3.2)