[Snyk] Security upgrade nginx from 1.25.1 to 1.25.5 #3340
Conversation
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DEBIAN12-GLIBC-5927132 - https://snyk.io/vuln/SNYK-DEBIAN12-GLIBC-5927132 - https://snyk.io/vuln/SNYK-DEBIAN12-GLIBC-6210098 - https://snyk.io/vuln/SNYK-DEBIAN12-LIBWEBP-5893095 - https://snyk.io/vuln/SNYK-DEBIAN12-NGHTTP2-5953379
PR Summary
|
|
github-actions
bot
added
kubernetes
|
Code Climate has analyzed commit 7c3656c and detected 0 issues on this pull request. View more on Code Climate. |
|
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| @@ -1,4 +1,4 @@ | |||
| FROM nginx:1.27.1 | |||
| FROM nginx:1.27 | |||
Check failure
Code scanning / Snyk Container
Critical severity - Cleartext Transmission of Sensitive Information vulnerability in curl Critical
| @@ -1,4 +1,4 @@ | |||
| FROM nginx:1.27.1 | |||
| FROM nginx:1.27 | |||
Check failure
Code scanning / Snyk Container
Critical severity - Out-of-bounds Write vulnerability in curl Critical
| @@ -1,4 +1,4 @@ | |||
| FROM nginx:1.27.1 | |||
| FROM nginx:1.27 | |||
Check failure
Code scanning / Snyk Container
Critical severity - Out-of-bounds Read vulnerability in db5.3 Critical
| @@ -1,4 +1,4 @@ | |||
| FROM nginx:1.27.1 | |||
| FROM nginx:1.27 | |||
Check failure
Code scanning / Snyk Container
Critical severity - Integer Overflow or Wraparound vulnerability in expat Critical
| @@ -1,4 +1,4 @@ | |||
| FROM nginx:1.27.1 | |||
| FROM nginx:1.27 | |||
Check failure
Code scanning / Snyk Container
Critical severity - Integer Overflow or Wraparound vulnerability in expat Critical
| @@ -1,4 +1,4 @@ | |||
| FROM nginx:1.27.1 | |||
| FROM nginx:1.27 | |||
Check failure
Code scanning / Snyk Container
Critical severity - XML External Entity (XXE) Injection vulnerability in expat Critical
| @@ -1,4 +1,4 @@ | |||
| FROM nginx:1.27.1 | |||
| FROM nginx:1.27 | |||
Check failure
Code scanning / Snyk Container
Critical severity - CVE-2024-37371 vulnerability in krb5 Critical
| @@ -1,4 +1,4 @@ | |||
| FROM nginx:1.27.1 | |||
| FROM nginx:1.27 | |||
Check failure
Code scanning / Snyk Container
Critical severity - Integer Overflow or Wraparound vulnerability in zlib Critical
This PR was automatically created by Snyk using the credentials of a real user.
Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.
Changes included in this PR
We recommend upgrading to
nginx:1.25.5, as this image has only 97 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.Some of the most important vulnerabilities in your base image include:
SNYK-DEBIAN12-GLIBC-5927132
SNYK-DEBIAN12-GLIBC-5927132
SNYK-DEBIAN12-GLIBC-6210098
SNYK-DEBIAN12-LIBWEBP-5893095
SNYK-DEBIAN12-NGHTTP2-5953379
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Resource Exhaustion