[Snyk] Security upgrade tomcat from 8.5.34-jre8 to 8.5.97-jre8 (!13) · Merge requests · Nico Langhorst / OTP

Ghost User requested to merge snyk-fix-a20a217a57db92ef6cc5656c00217606 into master Dec 17, 2023

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Changes included in this Merge Request

docker/otp-war/Dockerfile

We recommend upgrading to tomcat:8.5.97-jre8, as this image has only 13 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

Priority Score / 1000	Issue	Exploit Maturity
714	Integer Overflow or Wraparound SNYK-DEBIAN9-EXPAT-2331793	No Known Exploit
729	Out-of-bounds Write SNYK-DEBIAN9-FREETYPE-1019584	Mature
786	Out-of-Bounds SNYK-DEBIAN9-GLIBC-356506	Mature
786	Out-of-Bounds SNYK-DEBIAN9-GLIBC-356506	Mature
786	Out-of-Bounds SNYK-DEBIAN9-GLIBC-356506	Mature

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[Snyk] Security upgrade tomcat from 8.5.34-jre8 to 8.5.97-jre8

Changes included in this Merge Request

Merge request reports