“Kerberos 5 BER unbounded recursion” vulnerability with mcr.microsoft.com/dotnet/aspnet:5.0 docker image #28269
chandramohank asked this question in General
We are using Twistlock (Prisma Cloud) to scan our Docker images. One of our images uses the mcr.microsoft.com/dotnet/aspnet:5.0 Docker image. But while scanning through Twistlock we are getting the following vulnerability:
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
It looks like this issue has been fixed in a newer version of Kerberos. But since the aspnet:5.0 Docker image uses it, we are unable to fix this vulnerability.
Any idea or alternative to fix this vulnerability would be greatly appreciated.
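The finding quoted in the question describes a missing recursion limit when decoding BER indefinite lengths. As an added illustration (not code from krb5, the .NET image, or the original post), this minimal C walker shows why an indefinite-length element forces the decoder to recurse and where a depth cap stops it; `ber_skip`, `ber_nested_size` and the cap of 32 are hypothetical names and values chosen for the example.

```c
#include <stddef.h>
#define BER_MAX_DEPTH 32 /* assumed cap for this example */
enum { BER_OK = 0, BER_TRUNCATED = -1, BER_TOO_DEEP = -2, BER_BAD = -3 };

/* Measure one BER element in buf[0..len); its total size goes to *used. */
int ber_skip(const unsigned char *buf, size_t len, int depth, size_t *used)
{
    size_t pos = 2, clen = 0, n = 0;
    int r;
    if (depth > BER_MAX_DEPTH) return BER_TOO_DEEP;  /* the recursion limit */
    if (len < 2) return BER_TRUNCATED;
    if ((buf[0] & 0x1f) == 0x1f) return BER_BAD;     /* multi-byte tags: out of scope */
    if (buf[1] == 0x80) {            /* indefinite length: walk the children */
        if (!(buf[0] & 0x20)) return BER_BAD;        /* constructed types only */
        for (;;) {
            if (len - pos < 2) return BER_TRUNCATED;
            if (buf[pos] == 0 && buf[pos + 1] == 0) { /* end-of-contents */
                *used = pos + 2;
                return BER_OK;
            }
            r = ber_skip(buf + pos, len - pos, depth + 1, &n);
            if (r != BER_OK) return r;
            pos += n;
        }
    }
    if (buf[1] & 0x80) {             /* long definite form */
        n = buf[1] & 0x7f;
        if (n > sizeof(size_t)) return BER_BAD;
        if (len - pos < n) return BER_TRUNCATED;
        while (n--) clen = (clen << 8) | buf[pos++];
    } else {
        clen = buf[1];               /* short definite form */
    }
    if (clen > len - pos) return BER_TRUNCATED;
    *used = pos + clen;
    return BER_OK;
}

/* Constructed sample: `levels` nested SEQUENCEs (30 80 ... 00 00), max 128. */
long ber_nested_size(int levels)
{
    unsigned char buf[512] = {0};
    size_t used = 0;
    if (levels < 1 || levels > 128) return BER_BAD;
    for (int i = 0; i < levels; i++) { buf[2 * i] = 0x30; buf[2 * i + 1] = 0x80; }
    int r = ber_skip(buf, (size_t)levels * 4, 0, &used);
    return r == BER_OK ? (long)used : r;
}
```

Without the depth check, the nesting level reached is bounded only by the size of the message, so stack use grows with attacker-supplied input.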