[Snyk] Security upgrade nginx from 1.25.3-alpine to 1.25.4-alpine

[Samsonroyal]

Snyk has created this PR to fix 5 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

• app/compose/production/nginx/Dockerfile

We recommend upgrading to nginx:1.25.4-alpine, as this image has only 20 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Integer Overflow or Wraparound SNYK-ALPINE318-EXPAT-7908292	714
	Integer Overflow or Wraparound SNYK-ALPINE318-EXPAT-7908293	714
	XML External Entity (XXE) Injection SNYK-ALPINE318-EXPAT-7908294	714
	CVE-2024-6197 SNYK-ALPINE318-CURL-7569015	614
	Use After Free SNYK-ALPINE318-LIBXML2-6245694	614

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 XML External Entity (XXE) Injection
🦉 Use After Free

---

Important

Upgrade nginx base image in Dockerfile to 1.25.4-alpine to fix critical and high severity vulnerabilities.

• Dockerfile Update:
  • Upgrade nginx base image from 1.25.3-alpine to 1.25.4-alpine in Dockerfile to address 5 security vulnerabilities.
  • Critical vulnerabilities fixed include Integer Overflow and XML External Entity Injection.
  • High severity vulnerabilities fixed include CVE-2024-6197 and Use After Free.

^{This description was created by for 85a2fc8. It will automatically update as commits are pushed.}

[ellipsis-dev]

👍 Looks good to me! Reviewed everything up to 85a2fc8 in 6 seconds

More details

• Looked at 11 lines of code in 1 files
• Skipped 0 files when reviewing.
• Skipped posting 1 drafted comments based on config settings.

1. app/compose/production/nginx/Dockerfile:4

• Draft comment:
  It's a best practice to add a newline at the end of the file for POSIX compliance and to avoid potential issues with some tools.
• Reason this comment was not posted:
  Confidence changes required: 33%
  The Dockerfile lacks a newline at the end of the file, which is a best practice for POSIX compliance and to avoid potential issues with some tools.

Workflow ID: wflow_2Q7lJPX4mLyoaSt0

---

You can customize Ellipsis with 👍 / 👎 feedback, review rules, user-specific overrides, quiet mode, and more.