Skip to content

[Snyk] Security upgrade nginx from 1.27-alpine to 1.29.2-alpine#4385

Merged
zaelgohary merged 1 commit intodevelopmentfrom
snyk-fix-f86aa6e27e85cd06045e9742e93ff616
Oct 14, 2025
Merged

[Snyk] Security upgrade nginx from 1.27-alpine to 1.29.2-alpine#4385
zaelgohary merged 1 commit intodevelopmentfrom
snyk-fix-f86aa6e27e85cd06045e9742e93ff616

Conversation

@AhmedHanafy725
Copy link
Copy Markdown
Contributor

@AhmedHanafy725 AhmedHanafy725 commented Oct 14, 2025

snyk-top-banner

Snyk has created this PR to fix 5 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

  • packages/stats/Dockerfile

We recommend upgrading to nginx:1.29.2-alpine, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Vulnerabilities that will be fixed with an upgrade:

Issue Score
high severity Unchecked Return Value
SNYK-ALPINE321-LIBXML2-10123178		   614  
high severity Out-of-bounds Read
SNYK-ALPINE321-LIBXML2-10123179		   614  
low severity CVE-2025-9086
SNYK-ALPINE321-CURL-13277274		   436  
low severity Improper Certificate Validation
SNYK-ALPINE321-CURL-13277275		   436  
low severity Improper Certificate Validation
SNYK-ALPINE321-CURL-13277277		   436  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

@zaelgohary zaelgohary merged commit e44afaf into development Oct 14, 2025
11 checks passed
0oM4R pushed a commit that referenced this pull request Oct 15, 2025
@AhmedHanafy725 @0oM4R
fix: packages/stats/Dockerfile to reduce vulnerabilities (#4385)
fcce927
@AhmedHanafy725 AhmedHanafy725 deleted the snyk-fix-f86aa6e27e85cd06045e9742e93ff616 branch November 20, 2025 12:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zaelgohary zaelgohary zaelgohary approved these changes

@MohamedElmdary MohamedElmdary Awaiting requested review from MohamedElmdary MohamedElmdary is a code owner

@Mahmoud-Emad Mahmoud-Emad Awaiting requested review from Mahmoud-Emad Mahmoud-Emad is a code owner

@amiraabouhadid amiraabouhadid Awaiting requested review from amiraabouhadid amiraabouhadid is a code owner

@0oM4R 0oM4R Awaiting requested review from 0oM4R 0oM4R is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@AhmedHanafy725 @zaelgohary @snyk-bot