log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.
1.28k
stars
215
forks
source link
[Snyk] Security upgrade python from 3-alpine to 3.11.0a5-alpine #38
Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.
Changes included in this PR
log4-scanner/Dockerfile
We recommend upgrading to python:3.11.0a5-alpine, as this image has only 1 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.
Some of the most important vulnerabilities in your base image include:
Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.
Changes included in this PR
We recommend upgrading to
python:3.11.0a5-alpine, as this image has only 1 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.Some of the most important vulnerabilities in your base image include:
SNYK-ALPINE315-EXPAT-2393733
SNYK-ALPINE315-EXPAT-2393735
SNYK-ALPINE315-UTILLINUX-2393739
SNYK-ALPINE315-UTILLINUX-2393741
SNYK-ALPINE315-UTILLINUX-2401805
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings