hypertrace-ui icon indicating copy to clipboard operation
hypertrace-ui copied to clipboard
verified publisher icon hypertrace

[Snyk] Security upgrade nginx from 1.25.3-alpine to 1.25.4-alpine

Open JBAhire opened this issue 1 year ago • 1 comments

This PR was automatically created by Snyk using the credentials of a real user.


Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Changes included in this PR

  • Dockerfile

We recommend upgrading to nginx:1.25.4-alpine, as this image has only 1 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

Severity Priority Score / 1000 Issue Exploit Maturity
high severity 614 Resource Exhaustion
SNYK-ALPINE318-EXPAT-6241039		 No Known Exploit
medium severity 514 Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
SNYK-ALPINE318-EXPAT-6241040		 No Known Exploit
high severity 614 Use After Free
SNYK-ALPINE318-LIBXML2-6245694		 No Known Exploit
low severity 436 CVE-2024-2511
SNYK-ALPINE318-OPENSSL-6593964		 No Known Exploit
low severity 436 CVE-2024-2511
SNYK-ALPINE318-OPENSSL-6593964		 No Known Exploit

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Resource Exhaustion 🦉 Use After Free

JBAhire avatar Apr 19 '24 17:04 JBAhire