Skip to content

[Snyk] Security upgrade nginx from 1.29.1-alpine to 1.29.3-alpine#9251

Merged
DanielSass merged 1 commit into
mainfrom
snyk-fix-ed095c365bd8e883e5393fa406bda1fc
Oct 29, 2025
Merged

[Snyk] Security upgrade nginx from 1.29.1-alpine to 1.29.3-alpine#9251
DanielSass merged 1 commit into
mainfrom
snyk-fix-ed095c365bd8e883e5393fa406bda1fc

Conversation

@rin-skylight
Copy link
Copy Markdown
Contributor

@rin-skylight rin-skylight commented Oct 29, 2025

snyk-top-banner

Snyk has created this PR to fix 5 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

  • nginx/Dockerfile

We recommend upgrading to nginx:1.29.3-alpine, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Vulnerabilities that will be fixed with an upgrade:

Issue Score
critical severity Expired Pointer Dereference
SNYK-ALPINE322-LIBXML2-13505214		   786  
critical severity Out-of-bounds Read
SNYK-ALPINE322-LIBXML2-13505216		   786  
critical severity Out-of-bounds Write
SNYK-ALPINE322-PCRE2-13637025		   786  
high severity Expired Pointer Dereference
SNYK-ALPINE322-LIBXML2-13505213		   686  
high severity Out-of-bounds Write
SNYK-ALPINE322-LIBXML2-13505215		   686  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

@rin-skylight rin-skylight requested review from a team as code owners October 29, 2025 10:08
@rin-skylight rin-skylight requested review from DavidMcClatchey, mpbrown and schreiaj and removed request for a team October 29, 2025 10:08
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Oct 29, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

mpbrown
mpbrown approved these changes Oct 29, 2025
View reviewed changes
Copy link
Copy Markdown
Collaborator

@mpbrown mpbrown left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM based on the nginx image building and e2e tests passing (e2e job spins up the nginx container)

@DanielSass DanielSass added this pull request to the merge queue Oct 29, 2025
Merged via the queue into main with commit b46a1b9 Oct 29, 2025
35 checks passed
@DanielSass DanielSass deleted the snyk-fix-ed095c365bd8e883e5393fa406bda1fc branch October 29, 2025 15:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@DanielSass DanielSass DanielSass approved these changes

@mpbrown mpbrown mpbrown approved these changes

@schreiaj schreiaj Awaiting requested review from schreiaj schreiaj is a code owner automatically assigned from CDCgov/simplereport-dependencyreviews

@DavidMcClatchey DavidMcClatchey Awaiting requested review from DavidMcClatchey DavidMcClatchey is a code owner automatically assigned from CDCgov/simplereport-dependencyreviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@rin-skylight @DanielSass @mpbrown @snyk-bot