Skip to content

[Snyk] Security upgrade node from 24.11.1-trixie-slim to 24.13.1-trixie-slim#340

Open
boyney123 wants to merge 1 commit intomainfrom
snyk-fix-a3f04547f9f48dbb1f614aad2fc9b876
Open

[Snyk] Security upgrade node from 24.11.1-trixie-slim to 24.13.1-trixie-slim#340
boyney123 wants to merge 1 commit intomainfrom
snyk-fix-a3f04547f9f48dbb1f614aad2fc9b876

Conversation

@boyney123
Copy link
Contributor

@boyney123 boyney123 commented Feb 16, 2026

snyk-top-banner

Snyk has created this PR to fix 5 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

  • examples/generator-confluent-schema-registry/eventcatalog-chat-with-schemas-and-topics/Dockerfile.server

We recommend upgrading to node:24.13.1-trixie-slim, as this image has only 26 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Vulnerabilities that will be fixed with an upgrade:

Issue Score
critical severity Race Condition
SNYK-UPSTREAM-NODE-14928492		   861  
high severity UNIX Symbolic Link (Symlink) Following
SNYK-UPSTREAM-NODE-14928586		   761  
high severity Uncaught Exception
SNYK-UPSTREAM-NODE-14929624		   761  
high severity Reliance on Undefined, Unspecified, or Implementation-Defined Behavior
SNYK-UPSTREAM-NODE-14975915		   721  
high severity CVE-2025-69421
SNYK-DEBIAN13-OPENSSL-15123186		   686  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Race Condition
🦉 Uncaught Exception

@changeset-bot
Copy link

changeset-bot bot commented Feb 16, 2026

⚠️ No Changeset found

Latest commit: c4e9dde

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@CLAassistant
Copy link

CLAassistant commented Feb 16, 2026

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@boyney123 @CLAassistant @snyk-bot