terrascan icon indicating copy to clipboard operation
terrascan copied to clipboard

Published 20 hours ago verified publisher icon tenable

[Snyk] Security upgrade alpine from 3.14.6 to 3.18.3

Open mandibles232 opened this issue 1 year ago • 2 comments

This PR was automatically created by Snyk using the credentials of a real user.


Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Changes included in this PR

  • integrations/argocd/Dockerfile

We recommend upgrading to alpine:3.18.3, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

Severity Priority Score / 1000 Issue Exploit Maturity
high severity 400 Use After Free
SNYK-ALPINE314-OPENSSL-3314637		 No Known Exploit
high severity 400 Access of Resource Using Incompatible Type ('Type Confusion')
SNYK-ALPINE314-OPENSSL-3314646		 No Known Exploit
high severity 400 Double Free
SNYK-ALPINE314-OPENSSL-3314653		 No Known Exploit
high severity 400 Improper Certificate Validation
SNYK-ALPINE314-OPENSSL-3368739		 No Known Exploit
critical severity 500 Out-of-bounds Write
SNYK-ALPINE314-ZLIB-2976174		 No Known Exploit

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Use After Free

mandibles232 avatar Aug 09 '23 03:08 mandibles232

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

sonarqubecloud[bot] avatar Aug 09 '23 03:08 sonarqubecloud[bot]

Codecov Report

Merging #1599 (6416ffa) into master (659310c) will not change coverage. The diff coverage is n/a.

:exclamation: Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the Github App Integration for your organization. Read more.

Impacted file tree graph

@@           Coverage Diff           @@
##           master    #1599   +/-   ##
=======================================
  Coverage   78.49%   78.49%           
=======================================
  Files         280      280           
  Lines        7906     7906           
=======================================
  Hits         6206     6206           
  Misses       1329     1329           
  Partials      371      371

codecov-commenter avatar Aug 09 '23 03:08 codecov-commenter