CVE-2025-22874 - Usage of ExtKeyUsageAny disables policy validation in crypto/x509 (datadog/serverless-init)

[ejasarevic]

Hi, we are using datadog/serverless-init:1-alpine (points to 1.7.3 currently) and got report for CVE-2025-22874 vulnerability.

Are you already aware of this one?

[apiarian-datadog]

Hi! Thanks for reaching out with this. We're checking our builds now, but could you run your check on the 1.7.5 build? That should be the latest now and may should have the patch already.

Thanks,
Al