[PR #1715] [CLOSED] [Snyk] Security upgrade node from 12.10.0-alpine to 12.22.0-alpine #3458

Closed
opened 2026-03-17 01:04:15 +03:00 by kerem · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/hoppscotch/hoppscotch/pull/1715
Author: @snyk-bot
Created: 6/11/2021
Status: Closed

Base: main ← Head: snyk-fix-8a15854b28bc537d58eadebd84d0a94a


📝 Commits (1)

  • 398f3b6 fix: Dockerfile to reduce vulnerabilities

📊 Changes

1 file changed (+1 additions, -1 deletions)

View changed files

📝 Dockerfile (+1 -1)

📄 Description

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Changes included in this PR

  • Dockerfile

We recommend upgrading to node:12.22.0-alpine, as this image has only 1 known vulnerability. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

| Severity | Priority Score / 1000 | Issue | Exploit Maturity |
| :------: | :-------------------- | :---- | :--------------- |
| high severity | 821 | HTTP Request Smuggling (SNYK-UPSTREAM-NODE-1055465) | Proof of Concept |
| high severity | 821 | Arbitrary File Overwrite (SNYK-UPSTREAM-NODE-538285) | Proof of Concept |
| high severity | 821 | Arbitrary File Write (SNYK-UPSTREAM-NODE-538286) | Proof of Concept |
| critical severity | 821 | Improper Certificate Validation (SNYK-UPSTREAM-NODE-546815) | Proof of Concept |
| high severity | 725 | Memory Corruption (SNYK-UPSTREAM-NODE-570870) | No Known Exploit |

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.
