We just updated our app image from 5.3.9.133 to 5.3.9.160, and got an unexpected bonus: Way fewer vulnerabilities in Lucee's dependency set now. (I've checked the ones in 5.3.9.133, and none seemed to be ones that Lucee could actually mitigate as they're known & unfixed issues in the OS / common libs the underlying OS image uses etc)

Good