A vulnerability scanner tool identified three CVEs in the hubble-ui-backend image:

alpine 3.18.4

• CVE-2023-5363 - libcrypto3 and libssl3
• CVE-2023-5678 - libcrypto3 and libssl3

gobinary

• CVE-2022-29526 - golang.org/x/sys

This issue is a request to provide a new hubble-ui-backend image that upgrades these libraries to newer versions without the CVEs. Thank you!

Should be addressed in v0.12.3 released last week.