NGINIX vulnerability in DevKinsta

We have installed DevKinsta and the latest docker desktop for Mac on a MacBook running the latest Ventura. The Mac is a clean install - nothing else on it.

We’ve had a cyber essentials plus vulnerability scan performed on the Mac which has shown vulnerabilities relating to NGINIX :flushed:

I can only assume that’s installed as part of docker or DevKinsta. When devkinsta downloaded and installed we opened it but haven’t done anything else. It’s a vanilla install.

Can anyone clarify how we should update NGINIX to the latest version?

Hello @Phil_Shackleton :wave: Welcome to DevKinsta community!

Thank you for reaching us out related to that NGINX version issue.
I’m not sure yet if the NGINX can be manually updated in the docker’s container ( devkinsta_nginx ) or not.

We’ve asked this internally to our developers and are still waiting for their reply and clarification - whether it’s possible to manually update NGINX to the latest version, or if we would need to wait for a new DevKinsta version.
We will update you again as soon as we have more information/updates from them.


Hi @Phil_Shackleton ,

DevKinsta doesn’t currently offer the latest Nginx version that was released last week, and as we use a slim version of it in our DevKinsta image it is not easy to update Nginx without rebuilding the image. We have passed your feedback to our devs and hopefully the upcoming DevKinsta versions will include the latest Nginx update :crossed_fingers: