[Snyk] Security upgrade tomcat from 8.5.34-jre8 to 8.5.92-jre8 (!6) · Merge requests · Nico Langhorst / OTP

snyk requested to merge snyk-fix-d7fc8f8d353f6763bbe8e04c7025c6d4 into master Aug 26, 2023

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Changes included in this Merge Request

docker/otp-war/Dockerfile

We recommend upgrading to tomcat:8.5.92-jre8, as this image has only 15 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

Priority Score / 1000	Issue	Exploit Maturity
729	Out-of-bounds Write SNYK-DEBIAN9-FREETYPE-1019584	Mature
714	Out-of-Bounds SNYK-DEBIAN9-GLIBC-356488	No Known Exploit
786	Out-of-Bounds SNYK-DEBIAN9-GLIBC-356506	Mature
786	Out-of-Bounds SNYK-DEBIAN9-GLIBC-356506	Mature
786	Out-of-Bounds SNYK-DEBIAN9-GLIBC-356506	Mature

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[Snyk] Security upgrade tomcat from 8.5.34-jre8 to 8.5.92-jre8

Changes included in this Merge Request

Merge request reports