log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.
1.28k
stars
215
forks
source link
[Snyk] Security upgrade python from 3.11.0a5-alpine to 3.11.0a6-alpine #49
Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.
Changes included in this PR
log4-scanner/Dockerfile
We recommend upgrading to python:3.11.0a6-alpine, as this image has only 1 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.
Some of the most important vulnerabilities in your base image include:
mcdonnnj
commented
2 years ago
Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.
Changes included in this PR
We recommend upgrading to
python:3.11.0a6-alpine, as this image has only 1 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.Some of the most important vulnerabilities in your base image include:
SNYK-ALPINE315-KRB5-2432006
SNYK-ALPINE315-LIBRETLS-2428776
SNYK-ALPINE315-OPENSSL-2426331
SNYK-ALPINE315-OPENSSL-2426331
SNYK-ALPINE315-ZLIB-2434420
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.