Need to fix mongo-express 1.0.2-20 5 critical and 4 high vulnerabilities

[bgoldiing]

Docker hub is currently detected 5 critical and 4 high vulnerabilities. Looks like just some minor npm package upgrades are needed.

[iamabjain]

Hi, Can I work on this issue ?
Also, can you list the steps what I need to do on my local- to see what are the vulnerabilities dependencies needed to be fixed.

[xTudoS]

Hi guys, So, the docker version is out-of-date

Hi, Can I work on this issue ? Also, can you list the steps what I need to do on my local- to see what are the vulnerabilities dependencies needed to be fixed.

This vulnerabilities looks like to be packages in their old versions, mongo-express keep them sync with last version thanks dependabot

but, a security check if never enough. If you want to validate this, you can clone the branch master and create a local docker image, and then just open docker desktop and you will be able to see this vulnerability page on the latest image.

If you find any outdated package that dependably couldn't update and/or another vulnerability , feel free to open a PR to fix them :D