Skip to content

Conversation

@parseplatformorg
Copy link
Contributor

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to fix 2 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

  • Dockerfile

We recommend upgrading to node:20.14.0-alpine3.20, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Vulnerabilities that will be fixed with an upgrade:

Issue Score
medium severity Use After Free
SNYK-ALPINE320-BUSYBOX-7233533
  586  
medium severity Use After Free
SNYK-ALPINE320-BUSYBOX-7233533
  586  
medium severity Use After Free
SNYK-ALPINE320-BUSYBOX-7233533
  586  
medium severity Use After Free
SNYK-ALPINE320-BUSYBOX-7233586
  586  
medium severity Use After Free
SNYK-ALPINE320-BUSYBOX-7233586
  586  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Use After Free

@parse-github-assistant
Copy link

I will reformat the title to use the proper commit message syntax.

@parse-github-assistant parse-github-assistant bot changed the title [Snyk] Security upgrade node from lts-alpine to 20.14.0-alpine3.20 refactor: Security upgrade node from lts-alpine to 20.14.0-alpine3.20 Jun 21, 2024
@parse-github-assistant
Copy link

Thanks for opening this pull request!

  • ❌ Please link an issue that describes the reason for this pull request, otherwise your pull request will be closed. Make sure to write it as Closes: #123 in the PR description, so I can recognize it.

@uffizzi-cloud
Copy link

uffizzi-cloud bot commented Jun 21, 2024

Uffizzi Ephemeral Environment deployment-53358

⌚ Updated Jun 21, 2024, 20:24 UTC

☁️ https://app.uffizzi.com/github.com/parse-community/parse-dashboard/pull/2575

📄 View Application Logs etc.

What is Uffizzi? Learn more

@mtrezza mtrezza merged commit ed3312f into alpha Jun 22, 2024
@mtrezza mtrezza deleted the snyk-fix-be7056c0e82739be353af37d62706b20 branch June 22, 2024 13:17
@parseplatformorg
Copy link
Contributor Author

🎉 This change has been released in version 6.0.0-alpha.8

@parseplatformorg parseplatformorg added the state:released-alpha Released as alpha version label Jun 27, 2024
@parseplatformorg
Copy link
Contributor Author

🎉 This change has been released in version 6.0.0-beta.2

@parseplatformorg parseplatformorg added the state:released-beta Released as beta version label Oct 7, 2024
@parseplatformorg
Copy link
Contributor Author

🎉 This change has been released in version 6.0.0

@parseplatformorg parseplatformorg added the state:released Released as stable version label Oct 7, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

state:released Released as stable version state:released-alpha Released as alpha version state:released-beta Released as beta version

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants