Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[Snyk] Security upgrade hashicorp/terraform from 1.3.4 to 1.3.7 #72

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Security upgrade hashicorp/terraform from 1.3.4 to 1.3.7 #72

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link
Contributor

@snyk-bot snyk-bot commented Jan 6, 2023

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Changes included in this PR

  • terraform/ecs/provision/Dockerfile

We recommend upgrading to hashicorp/terraform:1.3.7, as this image has only 1 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

Severity Priority Score / 1000 Issue Exploit Maturity
high severity 471 Cleartext Transmission of Sensitive Information
SNYK-ALPINE316-CURL-3179541		 No Known Exploit
low severity 221 CVE-2022-43552
SNYK-ALPINE316-CURL-3179542		 No Known Exploit

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot