Dockerhub says I have the vulnerabilities: CVE-2023-5363 and CVE-2023-5678, which is part of the openssl package. See this image: 
Does anyone know how I can resolve this issue? I've simplified my nodejs project to just console.log('hello world'); and I removed all possible npm packages, but I still get this vulnerability. My hello project only consists of 4 files and they are:
~/src/index.js
console.log('hello'); ~/package.json
{ "name": "test", "version": "1.0.0", "main": "src/index.js", "scripts": {}, "dependencies": {}, "devDependencies": {} } ~/docker-compose.yml
version: "3.8" services: api_image: image: johndev/api:test2 build: context: ./ dockerfile: ./make.dockerfile ~/make.dockerfile
FROM node:21-alpine WORKDIR /api COPY ./package*.json ./ RUN mkdir ./src COPY ./src/ ./src/ RUN npm install ENTRYPOINT [ "echo", "'All Done'" ] To push an image to dockerhub, I just run these commands:
docker-compose up --build -d; docker push johndev/api:test2; What did I do wrong? What in my code is causing the vulnerabilities CVE-2023-5363 and CVE-2023-5678?
