7.5.1 forgeops base images with critical CVEs

[bvawdrey-zions-bancorp]

We've been notified by our security team that the images we're using as a base have some critical vulnerabilities. We've remidiated them manually by manipulating the Dockerfiles, but they should likely be fixed in the base images. We're using the latest 7.5.1 (timestamped) images marked below from http://releases.forgeops.com/

admin-ui - 7.5.1-202603311402

• CVE-2024-40896 | version of libxml2 needs to be updated to versions 2.13.3, 2.12.9 or 2.11.9

login-ui - 7.5.1-202603311402

• CVE-2024-40896 | version of libxml2 needs to be updated to versions 2.13.3, 2.12.9 or 2.11.9

end-user-ui - 7.5.1-202603311407

• CVE-2024-40896 | version of libxml2 needs to be updated to versions 2.13.3, 2.12.9 or 2.11.9

[bvawdrey-zions-bancorp]

I've tried updating to latest 8.0.1 versions and they also have the same vulnerability because libxml2 is v 2.11.8-r003