This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(41.6, 73%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFM%3C/text%3E%3C/svg%3E)
We recently deployed a private AKS cluster 1.28.5 version. Cluster is not yet configured.
We installed Helm and then ran a WIZ scan to identify vulnerabilities.
Several vulnerabilities were identified, please see screenshot below.
Was wondering were these vulnerabilities are from and how to resolve them.
| Header 1 | Header 2 |
|---|---|
| Cell 1 | Cell 2 |
| Cell 3 | Cell 4 |
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(76.8, 74%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAN%3C/text%3E%3C/svg%3E)
Hello Fobuzie, Marleo,
If an answer has been helpful, please consider accepting the answer to help increase visibility of this question for other members of the Microsoft Q&A community. If not, please let us know what is still needed in the comments so the question can be answered. Thank you for helping to improve Microsoft Q&A!
Hello Fobuzie, Marleo.
Welcome to microsoft Q&A, thankyou for posting your query here.
Please refer to https://learn.microsoft.com/en-us/azure/aks/supported-kubernetes-versions?tabs=azure-cli for Microsoft's documentation on supported Kubernetes versions in AKS.
If the version of 1.28.5 that is still supported is getting close to its end of life (EOL), you might want to update to 1.28.x, which is the most recent patch, instead. You might also consider updating to a more recent minor version (like 1.29.y), but make sure it works with your workloads first.
You should be able to fix the CVE-2022-44840 vulnerability in your AKS cluster by doing the following steps.
Using the package manager compatible with your operating system, update Helm to the most recent version.
The package versions that you utilized in your container images appear to be connected to the vulnerabilities, based on error images.
The error explains how to update the packages to specific versions in order to solve the vulnerabilities:
perl-base to version 5.30.0-9ubuntu0.5 or higher
libssl1.1 to version 3.0.8-1 or higher
Updates to fixed versions of libc6 and libssl1.1 can resolve vulnerabilities.
RUN apt upgrade libc6 libssl1.1
RUN apt upgrade binutils-common
Hope this helps you.
Hello Fobuzie, Marleo,
If an answer has been helpful, please consider accepting the answer to help increase visibility of this question for other members of the Microsoft Q&A community. If not, please let us know what is still needed in the comments so the question can be answered. Thank you for helping to improve Microsoft Q&A!