Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(master): release 2.7.8 #63

Merged
merged 1 commit into from
Nov 16, 2024
Merged

chore(master): release 2.7.8 #63

merged 1 commit into from
Nov 16, 2024

Conversation

lotyp
Copy link
Member

@lotyp lotyp commented Nov 16, 2024

🤖 I have created a release beep boop

2.7.8 (2024-11-16)

Dependencies

  • deps: update davidanson/markdownlint-cli2-action action to v18 (#62) (18dbf43)

This PR was generated with Release Please. See documentation.

@lotyp lotyp enabled auto-merge November 16, 2024 09:11
@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:f3a1c56700c7c7946a8ca55ead543c0e68195ae4a94fd24ce9b892b87bfa1ebd
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size105 MB
packages230
📦 Base Image oisupport/staging-amd64:77ec3a73969f4535569eb3a36b8ddb8f55403736054094060fa6bce51a0018cc
also known as
  • 8.1-fpm-alpine
  • 8.1-fpm-alpine3.20
  • 8.1.30-fpm-alpine
  • 8.1.30-fpm-alpine3.20
digestsha256:e6936df453823a08cbb2d0f25aa710077d8eff235c69dd4ee0869184660bd1c9
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/stdlib@1.22.5

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile57th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is :77ec3a73969f4535569eb3a36b8ddb8f55403736054094060fa6bce51a0018cc

Digest
Vulnerabilities
Size0 B
Packages0

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:7bb5d1fa4f39ca79a3d343456d3c3f12c1af8a7ec48a91477a247984347b1bda
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size110 MB
packages229
📦 Base Image php:8.2-alpine
also known as
  • 8.2-alpine3.20
  • 8.2-cli-alpine
  • 8.2-cli-alpine3.20
  • 8.2.25-alpine
  • 8.2.25-alpine3.20
  • 8.2.25-cli-alpine
  • 8.2.25-cli-alpine3.20
  • cb29fce029e5824e8905a5d3dd097bb1591ba4d007236a8d8d9cb1babdd11acd
digestsha256:199d77d39c430fec4b7fd53eba9a3df2c509a08d982a87ab08d6a7569e99cbfe
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/stdlib@1.22.5

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile57th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8.2-alpine

Name8.2.25-alpine3.20
Digestsha256:199d77d39c430fec4b7fd53eba9a3df2c509a08d982a87ab08d6a7569e99cbfe
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed3 weeks ago
Size38 MB
Packages50
Flavoralpine
OS3.20
Runtime8.2.25
The base image is also available under the supported tag(s): 8.2-alpine3.20, 8.2-cli-alpine, 8.2-cli-alpine3.20, 8.2.25-alpine, 8.2.25-alpine3.20, 8.2.25-cli-alpine, 8.2.25-cli-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.3-alpine
Minor runtime version update
Also known as:
  • 8.3.13-cli-alpine
  • 8.3.13-cli-alpine3.20
  • 8.3-cli-alpine
  • 8.3-cli-alpine3.20
  • 8-cli-alpine
  • 8-cli-alpine3.20
  • cli-alpine
  • cli-alpine3.20
  • alpine
  • alpine3.20
  • 8.3.13-alpine
  • 8.3.13-alpine3.20
  • 8.3-alpine3.20
  • 8-alpine
  • 8-alpine3.20
 Benefits:
  • Same OS detected
  • Minor runtime version update
  • Tag was pushed more recently
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
Image details:
  • Size: 39 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.3.13
 3 weeks ago



@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:d8471d62a6cd85e910b2e75c6e57322b394d2777deec857efcbc70b3eaa7d5d1
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size109 MB
packages229
📦 Base Image php:8.1-alpine
also known as
  • 8.1-alpine3.20
  • 8.1-cli-alpine
  • 8.1-cli-alpine3.20
  • 8.1.30-alpine
  • 8.1.30-alpine3.20
  • 8.1.30-cli-alpine
  • 8.1.30-cli-alpine3.20
  • bcf44bed7d318c64227bc16f8def338e38acee3fc90237a1351a698d0e95e779
digestsha256:e31a1369d8593b383bb3e2e87d116de58902899afbe8477c4feb9be5e8f88801
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/stdlib@1.22.5

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile57th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8.1-alpine

Name8.1.30-alpine3.20
Digestsha256:e31a1369d8593b383bb3e2e87d116de58902899afbe8477c4feb9be5e8f88801
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed1 month ago
Size38 MB
Packages50
Flavoralpine
OS3.20
Runtime8.1.30
The base image is also available under the supported tag(s): 8.1-alpine3.20, 8.1-cli-alpine, 8.1-cli-alpine3.20, 8.1.30-alpine, 8.1.30-alpine3.20, 8.1.30-cli-alpine, 8.1.30-cli-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.3-alpine
Minor runtime version update
Also known as:
  • 8.3.13-cli-alpine
  • 8.3.13-cli-alpine3.20
  • 8.3-cli-alpine
  • 8.3-cli-alpine3.20
  • 8-cli-alpine
  • 8-cli-alpine3.20
  • cli-alpine
  • cli-alpine3.20
  • alpine
  • alpine3.20
  • 8.3.13-alpine
  • 8.3.13-alpine3.20
  • 8.3-alpine3.20
  • 8-alpine
  • 8-alpine3.20
 Benefits:
  • Same OS detected
  • Minor runtime version update
  • Tag was pushed more recently
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
Image details:
  • Size: 39 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.3.13
 3 weeks ago



8.2-alpine
Minor runtime version update
Also known as:
  • 8.2.25-cli-alpine
  • 8.2.25-cli-alpine3.20
  • 8.2-cli-alpine
  • 8.2-cli-alpine3.20
  • 8.2.25-alpine
  • 8.2.25-alpine3.20
  • 8.2-alpine3.20
 Benefits:
  • Same OS detected
  • Minor runtime version update
  • Tag was pushed more recently
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
  • 8.2-alpine was pulled 1.8K times last month
Image details:
  • Size: 38 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.2.25
 3 weeks ago



@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:99330ec493d86b0665f4b2ef90ad9e6e6f02bc9b29cccdcc50a42e8945c2ca2c
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size128 MB
packages247
📦 Base Image php:8.2-alpine
also known as
  • 8.2-alpine3.20
  • 8.2-cli-alpine
  • 8.2-cli-alpine3.20
  • 8.2.25-alpine
  • 8.2.25-alpine3.20
  • 8.2.25-cli-alpine
  • 8.2.25-cli-alpine3.20
  • cb29fce029e5824e8905a5d3dd097bb1591ba4d007236a8d8d9cb1babdd11acd
digestsha256:199d77d39c430fec4b7fd53eba9a3df2c509a08d982a87ab08d6a7569e99cbfe
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/stdlib@1.22.5

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile57th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8.2-alpine

Name8.2.25-alpine3.20
Digestsha256:199d77d39c430fec4b7fd53eba9a3df2c509a08d982a87ab08d6a7569e99cbfe
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed3 weeks ago
Size38 MB
Packages50
Flavoralpine
OS3.20
Runtime8.2.25
The base image is also available under the supported tag(s): 8.2-alpine3.20, 8.2-cli-alpine, 8.2-cli-alpine3.20, 8.2.25-alpine, 8.2.25-alpine3.20, 8.2.25-cli-alpine, 8.2.25-cli-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.3-alpine
Minor runtime version update
Also known as:
  • 8.3.13-cli-alpine
  • 8.3.13-cli-alpine3.20
  • 8.3-cli-alpine
  • 8.3-cli-alpine3.20
  • 8-cli-alpine
  • 8-cli-alpine3.20
  • cli-alpine
  • cli-alpine3.20
  • alpine
  • alpine3.20
  • 8.3.13-alpine
  • 8.3.13-alpine3.20
  • 8.3-alpine3.20
  • 8-alpine
  • 8-alpine3.20
 Benefits:
  • Same OS detected
  • Minor runtime version update
  • Tag was pushed more recently
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
Image details:
  • Size: 39 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.3.13
 3 weeks ago



@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:1b0e381c60d76c62a19a7b5e731bfa0b56710efd7f62e44d42e85a4bd3164708
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size111 MB
packages229
📦 Base Image php:8-alpine
also known as
  • 8-alpine3.20
  • 8-cli-alpine
  • 8-cli-alpine3.20
  • 8.3-alpine
  • 8.3-alpine3.20
  • 8.3-cli-alpine
  • 8.3-cli-alpine3.20
  • 8.3.13-alpine
  • 8.3.13-alpine3.20
  • 8.3.13-cli-alpine
  • 8.3.13-cli-alpine3.20
  • 84d7c92b0f7c436866ace80016292070a2ee245e160a4f0e3b4f1dc768c40182
  • alpine
  • alpine3.20
  • cli-alpine
  • cli-alpine3.20
digestsha256:9acba884b0307547bc35a181a1c83902efdbd4f93a1a56766f2e31ac75ca3cc8
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/stdlib@1.22.5

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile57th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:b079985fd4e45f3f218ce170f2113f770c94b5a29be4528199c06781ea23207d
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size106 MB
packages230
📦 Base Image oisupport/staging-amd64:59afe80fd730aab04813365a55dc2f41ec965267ca578f3c644bedf86ddafd0d
also known as
  • 8-fpm-alpine
  • 8-fpm-alpine3.20
  • 8.3-fpm-alpine
  • 8.3-fpm-alpine3.20
  • 8.3.13-fpm-alpine
  • 8.3.13-fpm-alpine3.20
  • fpm-alpine
  • fpm-alpine3.20
digestsha256:62b34bff310c94035a3b9de46231234155c033cd5b96043c8a37e8ad74f6b658
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/stdlib@1.22.5

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile57th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is :59afe80fd730aab04813365a55dc2f41ec965267ca578f3c644bedf86ddafd0d

Digest
Vulnerabilities
Size0 B
Packages0

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8-alpine

Name8.3.13-alpine3.20
Digestsha256:9acba884b0307547bc35a181a1c83902efdbd4f93a1a56766f2e31ac75ca3cc8
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed3 weeks ago
Size39 MB
Packages50
Flavoralpine
OS3.20
Runtime8.3.13
The base image is also available under the supported tag(s): 8-alpine3.20, 8-cli-alpine, 8-cli-alpine3.20, 8.3-alpine, 8.3-alpine3.20, 8.3-cli-alpine, 8.3-cli-alpine3.20, 8.3.13-alpine, 8.3.13-alpine3.20, 8.3.13-cli-alpine, 8.3.13-cli-alpine3.20, alpine, alpine3.20, cli-alpine, cli-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:4f1c09d012e58635583e5a6225f70385b5859fd33c9ad83c17bd59ddf31909aa
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size128 MB
packages247
📦 Base Image php:8.1-alpine
also known as
  • 8.1-alpine3.20
  • 8.1-cli-alpine
  • 8.1-cli-alpine3.20
  • 8.1.30-alpine
  • 8.1.30-alpine3.20
  • 8.1.30-cli-alpine
  • 8.1.30-cli-alpine3.20
  • bcf44bed7d318c64227bc16f8def338e38acee3fc90237a1351a698d0e95e779
digestsha256:e31a1369d8593b383bb3e2e87d116de58902899afbe8477c4feb9be5e8f88801
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/stdlib@1.22.5

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile57th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:37bfeb53b349768b9f7bf58ac8c6c22db3efc078081e36ac4487da466b1783d8
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size106 MB
packages230
📦 Base Image php:305d89fe8b211fcfef3850d82d07db263ee9b4e1867712f634bf1cb10032a8ba
also known as
  • 8.2-fpm-alpine
  • 8.2-fpm-alpine3.20
  • 8.2.25-fpm-alpine
  • 8.2.25-fpm-alpine3.20
digestsha256:284202dd6e14e0d426de35ad8a4f96774321a754037204d92f8492b15bd673b3
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/stdlib@1.22.5

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile57th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8.2-fpm-alpine

Name8.2.25-fpm-alpine3.20
Digestsha256:284202dd6e14e0d426de35ad8a4f96774321a754037204d92f8492b15bd673b3
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed3 weeks ago
Size34 MB
Packages51
Flavoralpine
OS3.20
Runtime8.2.25
The base image is also available under the supported tag(s): 8.2-fpm-alpine3.20, 8.2.25-fpm-alpine, 8.2.25-fpm-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.3-fpm-alpine
Image has same number of vulnerabilities
Also known as:
  • 8.3.13-fpm-alpine
  • 8.3.13-fpm-alpine3.20
  • 8.3-fpm-alpine3.20
  • 8-fpm-alpine
  • 8-fpm-alpine3.20
  • fpm-alpine
  • fpm-alpine3.20
 Benefits:
  • Same OS detected
  • Tag was pushed more recently
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
Image details:
  • Size: 35 MB
  • Flavor: alpine
  • OS: 3.20
 3 weeks ago



@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8.1-alpine

Name8.1.30-alpine3.20
Digestsha256:e31a1369d8593b383bb3e2e87d116de58902899afbe8477c4feb9be5e8f88801
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed1 month ago
Size38 MB
Packages50
Flavoralpine
OS3.20
Runtime8.1.30
The base image is also available under the supported tag(s): 8.1-alpine3.20, 8.1-cli-alpine, 8.1-cli-alpine3.20, 8.1.30-alpine, 8.1.30-alpine3.20, 8.1.30-cli-alpine, 8.1.30-cli-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.3-alpine
Minor runtime version update
Also known as:
  • 8.3.13-cli-alpine
  • 8.3.13-cli-alpine3.20
  • 8.3-cli-alpine
  • 8.3-cli-alpine3.20
  • 8-cli-alpine
  • 8-cli-alpine3.20
  • cli-alpine
  • cli-alpine3.20
  • alpine
  • alpine3.20
  • 8.3.13-alpine
  • 8.3.13-alpine3.20
  • 8.3-alpine3.20
  • 8-alpine
  • 8-alpine3.20
 Benefits:
  • Same OS detected
  • Minor runtime version update
  • Tag was pushed more recently
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
Image details:
  • Size: 39 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.3.13
 3 weeks ago



8.2-alpine
Minor runtime version update
Also known as:
  • 8.2.25-cli-alpine
  • 8.2.25-cli-alpine3.20
  • 8.2-cli-alpine
  • 8.2-cli-alpine3.20
  • 8.2.25-alpine
  • 8.2.25-alpine3.20
  • 8.2-alpine3.20
 Benefits:
  • Same OS detected
  • Minor runtime version update
  • Tag was pushed more recently
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
  • 8.2-alpine was pulled 1.8K times last month
Image details:
  • Size: 38 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.2.25
 3 weeks ago



@github-actions GitHub Actions
Copy link

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:676741584491259d8ea98a5c26e27446d47fb00ab72a049528367024ac3d03c4
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size129 MB
packages247
📦 Base Image php:8-alpine
also known as
  • 8-alpine3.20
  • 8-cli-alpine
  • 8-cli-alpine3.20
  • 8.3-alpine
  • 8.3-alpine3.20
  • 8.3-cli-alpine
  • 8.3-cli-alpine3.20
  • 8.3.13-alpine
  • 8.3.13-alpine3.20
  • 8.3.13-cli-alpine
  • 8.3.13-cli-alpine3.20
  • 84d7c92b0f7c436866ace80016292070a2ee245e160a4f0e3b4f1dc768c40182
  • alpine
  • alpine3.20
  • cli-alpine
  • cli-alpine3.20
digestsha256:9acba884b0307547bc35a181a1c83902efdbd4f93a1a56766f2e31ac75ca3cc8
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/stdlib@1.22.5

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile57th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

@github-actions GitHub Actions
Copy link

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8-alpine

Name8.3.13-alpine3.20
Digestsha256:9acba884b0307547bc35a181a1c83902efdbd4f93a1a56766f2e31ac75ca3cc8
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed3 weeks ago
Size39 MB
Packages50
Flavoralpine
OS3.20
Runtime8.3.13
The base image is also available under the supported tag(s): 8-alpine3.20, 8-cli-alpine, 8-cli-alpine3.20, 8.3-alpine, 8.3-alpine3.20, 8.3-cli-alpine, 8.3-cli-alpine3.20, 8.3.13-alpine, 8.3.13-alpine3.20, 8.3.13-cli-alpine, 8.3.13-cli-alpine3.20, alpine, alpine3.20, cli-alpine, cli-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

@way-finder-bot way-finder-bot self-assigned this Nov 16, 2024
@lotyp lotyp merged commit 5e47ac2 into master Nov 16, 2024
17 checks passed
@lotyp lotyp deleted the release-please--branches--master--components--docker-php-dev branch November 16, 2024 09:14
@lotyp
Copy link
Member Author

lotyp commented Nov 16, 2024

🤖 Created releases:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@way-finder-bot way-finder-bot way-finder-bot approved these changes

Assignees

@way-finder-bot way-finder-bot

Labels
autorelease: tagged
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@lotyp @way-finder-bot