Skip to content

Docs: Docker examples use image node:18-alpine with vulnerability #78465

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
JakobKlotz opened this issue Apr 23, 2025 · 0 comments
Open

Docs: Docker examples use image node:18-alpine with vulnerability #78465

JakobKlotz opened this issue Apr 23, 2025 · 0 comments

Comments

@JakobKlotz
Copy link

What is the documentation issue?

Related to the documentation of self-hosting with Docker (the issue template specifically designed for examples did not work).

Problem

I noticed that all three Docker examples

  • with-docker (1)
  • with-docker-compose (1, 2, 3)
  • with-docker-multi-env (1, 2, 3)

and their respective Dockerfiles use the image node:18-alpine. The image has a known vulnerability (CVE-2024-21538) (ref 1, 2)

Is there any context that might help us understand?

It might be a good time to update the Docker examples to use a more recent version of the image, such as node:22-alpine (link) or the LTS tag node:lts-alpine (link), which both do not have this vulnerability.

If this change is deemed useful, I'd be happy to open a Pull Request to update the relevant Dockerfiles.

Does the docs page already exist? Please link to it.

https://nextjs.org/docs/app/guides/self-hosting#docker-image
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@JakobKlotz