Skip to content

chore(master): release 2.8.18 #149

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged

Conversation

lotyp
Copy link
Member

@lotyp lotyp commented May 18, 2025

🤖 I have created a release beep boop

2.8.18 (2025-05-18)

Dependencies

  • deps: update wayofdev/gh-actions action to v3.3.0 (#148) (1e1568b)

This PR was generated with Release Please. See documentation.

Copy link

github-actions bot commented May 18, 2025

Outdated

🔍 Vulnerabilities of wayofdev/php-base:latest

📦 Image Reference wayofdev/php-base:latest
digestsha256:aa2946c34d20a267175265b1c03d4b92a9c3edd9bef60df57638e089851e55c0
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
platformlinux/amd64
size73 MB
packages102
📦 Base Image php:24ac050dcc4880667a2ccf9bde874bbf97b59a2011f169da105d9d2258a935dc
also known as
  • 8-fpm-alpine
  • 8-fpm-alpine3.21
  • 8.4-fpm-alpine
  • 8.4-fpm-alpine3.21
  • 8.4.7-fpm-alpine
  • 8.4.7-fpm-alpine3.21
  • fpm-alpine
  • fpm-alpine3.21
digestsha256:21c60daae66ca8e05c2fd6bb080adc60fc33a1fa7e50ac9c7434c8faab11f9e0
vulnerabilitiescritical: 0 high: 0 medium: 1 low: 1

Copy link

github-actions bot commented May 18, 2025

Outdated

Recommended fixes for image wayofdev/php-base:latest

Base image is php:8-fpm-alpine

Namefpm-alpine3.21
Digestsha256:21c60daae66ca8e05c2fd6bb080adc60fc33a1fa7e50ac9c7434c8faab11f9e0
Vulnerabilitiescritical: 0 high: 0 medium: 1 low: 1
Pushed1 week ago
Size36 MB
Packages53
Flavoralpine
OS3.21
The base image is also available under the supported tag(s): 8-fpm-alpine3.21, 8.4-fpm-alpine, 8.4-fpm-alpine3.21, 8.4.7-fpm-alpine, 8.4.7-fpm-alpine3.21, fpm-alpine, fpm-alpine3.21

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.3-fpm-alpine
Minor runtime version update
Also known as:
  • 8.3.21-fpm-alpine
  • 8.3.21-fpm-alpine3.21
  • 8.3-fpm-alpine3.21
Benefits:
  • Same OS detected
  • Minor runtime version update
  • Image is smaller by 3.3 MB
  • Tag was pushed more recently
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
Image details:
  • Size: 33 MB
  • Flavor: alpine
  • OS: 3.21
  • Runtime: 8.3.21
1 week ago



Copy link

github-actions bot commented May 18, 2025

Outdated

🔍 Vulnerabilities of wayofdev/php-base:latest

📦 Image Reference wayofdev/php-base:latest
digestsha256:76df9b7167e0ef435539c44de9749ac01ac814c19f1bb797effd9e9eb3456c9e
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
platformlinux/amd64
size74 MB
packages101
📦 Base Image php:8.3-alpine
also known as
  • 8.3-alpine3.21
  • 8.3-cli-alpine
  • 8.3-cli-alpine3.21
  • 8.3.21-alpine3.21
  • 8.3.21-cli-alpine
  • b4a7dce0f636fdead2ad82c4cc1958885ce8f27156cc65986a5fafde3c39e039
digestsha256:fdd2f8e22382a7477bee883a0a5669784e6bb67abdabbb15a1b22bc9d165b0fa
vulnerabilitiescritical: 0 high: 0 medium: 1 low: 1

Copy link

github-actions bot commented May 18, 2025

Outdated

🔍 Vulnerabilities of wayofdev/php-base:latest

📦 Image Reference wayofdev/php-base:latest
digestsha256:5ce3045cd45bad1ae58e13585e24a4de7f7015d35dbc6e7a5644ceeade102229
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
platformlinux/amd64
size69 MB
packages102
📦 Base Image php:8.3-fpm-alpine
also known as
  • 8.3-fpm-alpine3.21
  • 8.3.21-fpm-alpine
  • 8.3.21-fpm-alpine3.21
  • e6101f30b201bbb04ad5b0359f9127cb7732865bd4b64b41206416306bc5d2d3
digestsha256:7850e3eed24f02f136de8adc3d3404902aaa779fc3b430165b85d9ed96e99dce
vulnerabilitiescritical: 0 high: 0 medium: 1 low: 1

Copy link

github-actions bot commented May 18, 2025

Outdated

Recommended fixes for image wayofdev/php-base:latest

Base image is php:8.3-alpine

Name8.3.21-alpine3.21
Digestsha256:fdd2f8e22382a7477bee883a0a5669784e6bb67abdabbb15a1b22bc9d165b0fa
Vulnerabilitiescritical: 0 high: 0 medium: 1 low: 1
Pushed1 week ago
Size37 MB
Packages52
Flavoralpine
OS3.21
Runtime8.3.21
The base image is also available under the supported tag(s): 8.3-alpine3.21, 8.3-cli-alpine, 8.3-cli-alpine3.21, 8.3.21-alpine3.21, 8.3.21-cli-alpine

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.4-alpine
Minor runtime version update
Also known as:
  • 8.4.7-cli-alpine
  • 8.4.7-cli-alpine3.21
  • 8.4-cli-alpine
  • 8.4-cli-alpine3.21
  • 8-cli-alpine
  • 8-cli-alpine3.21
  • cli-alpine
  • cli-alpine3.21
  • alpine
  • alpine3.21
  • 8.4.7-alpine
  • 8.4.7-alpine3.21
  • 8.4-alpine3.21
  • 8-alpine
  • 8-alpine3.21
Benefits:
  • Same OS detected
  • Minor runtime version update
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
Image details:
  • Size: 42 MB
  • Flavor: alpine
  • OS: 3.21
  • Runtime: 8.4.7
1 week ago



Copy link

github-actions bot commented May 18, 2025

Outdated

Recommended fixes for image wayofdev/php-base:latest

Base image is php:8.3-fpm-alpine

Name8.3.21-fpm-alpine3.21
Digestsha256:7850e3eed24f02f136de8adc3d3404902aaa779fc3b430165b85d9ed96e99dce
Vulnerabilitiescritical: 0 high: 0 medium: 1 low: 1
Pushed1 week ago
Size33 MB
Packages53
Flavoralpine
OS3.21
Runtime8.3.21
The base image is also available under the supported tag(s): 8.3-fpm-alpine3.21, 8.3.21-fpm-alpine, 8.3.21-fpm-alpine3.21

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.4-fpm-alpine
Image has same number of vulnerabilities
Also known as:
  • 8.4.7-fpm-alpine
  • 8.4.7-fpm-alpine3.21
  • 8.4-fpm-alpine3.21
  • 8-fpm-alpine
  • 8-fpm-alpine3.21
  • fpm-alpine
  • fpm-alpine3.21
Benefits:
  • Same OS detected
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
Image details:
  • Size: 36 MB
  • Flavor: alpine
  • OS: 3.21
1 week ago



Copy link

github-actions bot commented May 18, 2025

Outdated

🔍 Vulnerabilities of moby/buildkit:buildx-stable-1

📦 Image Reference moby/buildkit:buildx-stable-1
digestsha256:8124f5e2ddf9a4985ca653c7bd4bb0132eef4316aaf2975181a5f6a9d0f14ced
vulnerabilitiescritical: 1 high: 4 medium: 0 low: 0
platformlinux/amd64
size104 MB
packages248
📦 Base Image alpine:3
also known as
  • 3.21
  • 3.21.3
  • latest
digestsha256:1c4eef651f65e2f7daee7ee785882ac164b02b78fb74503052a26dc061c90474
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 1 high: 4 medium: 0 low: 0 stdlib 1.22.4 (golang)

pkg:golang/[email protected]

critical : CVE--2025--22871

Affected range<1.23.8
Fixed version1.23.8
EPSS Score0.018%
EPSS Percentile3rd percentile
Description

The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.054%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.108%
EPSS Percentile30th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2024--24791

Affected range>=1.22.0-0
<1.22.5
Fixed version1.22.5
EPSS Score0.200%
EPSS Percentile43rd percentile
Description

The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail.

An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.127%
EPSS Percentile33rd percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

Copy link

github-actions bot commented May 18, 2025

Outdated

Recommended fixes for image moby/buildkit:buildx-stable-1

Base image is alpine:3

Name3.21.3
Digestsha256:1c4eef651f65e2f7daee7ee785882ac164b02b78fb74503052a26dc061c90474
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed3 months ago
Size3.6 MB
Packages19
OS3.21.3
The base image is also available under the supported tag(s): 3.21, 3.21.3, latest

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

Copy link

github-actions bot commented May 18, 2025

Outdated

🔍 Vulnerabilities of wayofdev/php-base:latest

📦 Image Reference wayofdev/php-base:latest
digestsha256:1e54b5c8f1e527e10e9b487a09a27997fa1d7c18918ce4795bbdf870adfb0a22
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
platformlinux/amd64
size97 MB
packages122
📦 Base Image php:8-alpine
also known as
  • 8-alpine3.21
  • 8-cli-alpine
  • 8-cli-alpine3.21
  • 8.4-alpine
  • 8.4-alpine3.21
  • 8.4-cli-alpine
  • 8.4-cli-alpine3.21
  • 8.4.7-alpine
  • 8.4.7-alpine3.21
  • 8.4.7-cli-alpine
  • 8.4.7-cli-alpine3.21
  • alpine
  • alpine3.21
  • cli-alpine
  • cli-alpine3.21
  • db7a59aab999a309b5961761860f6eb2904a8ccbb73598579073f0a0641c8c64
digestsha256:eba240a13bd3e5cf77a99c1b4c9ed1373e9622b0a8ac18fe3e7727c35dc40ded
vulnerabilitiescritical: 0 high: 0 medium: 1 low: 1

Copy link

github-actions bot commented May 18, 2025

Outdated

🔍 Vulnerabilities of moby/buildkit:buildx-stable-1

📦 Image Reference moby/buildkit:buildx-stable-1
digestsha256:8124f5e2ddf9a4985ca653c7bd4bb0132eef4316aaf2975181a5f6a9d0f14ced
vulnerabilitiescritical: 1 high: 4 medium: 0 low: 0
platformlinux/amd64
size104 MB
packages248
📦 Base Image alpine:3
also known as
  • 3.21
  • 3.21.3
  • latest
digestsha256:1c4eef651f65e2f7daee7ee785882ac164b02b78fb74503052a26dc061c90474
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 1 high: 4 medium: 0 low: 0 stdlib 1.22.4 (golang)

pkg:golang/[email protected]

critical : CVE--2025--22871

Affected range<1.23.8
Fixed version1.23.8
EPSS Score0.018%
EPSS Percentile3rd percentile
Description

The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.054%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.108%
EPSS Percentile30th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2024--24791

Affected range>=1.22.0-0
<1.22.5
Fixed version1.22.5
EPSS Score0.200%
EPSS Percentile43rd percentile
Description

The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail.

An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.127%
EPSS Percentile33rd percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

Copy link

github-actions bot commented May 18, 2025

Outdated

Recommended fixes for image moby/buildkit:buildx-stable-1

Base image is alpine:3

Name3.21.3
Digestsha256:1c4eef651f65e2f7daee7ee785882ac164b02b78fb74503052a26dc061c90474
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed3 months ago
Size3.6 MB
Packages19
OS3.21.3
The base image is also available under the supported tag(s): 3.21, 3.21.3, latest

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

Copy link

github-actions bot commented May 18, 2025

Outdated

Recommended fixes for image wayofdev/php-base:latest

Base image is php:8-alpine

Name8.4.7-alpine3.21
Digestsha256:eba240a13bd3e5cf77a99c1b4c9ed1373e9622b0a8ac18fe3e7727c35dc40ded
Vulnerabilitiescritical: 0 high: 0 medium: 1 low: 1
Pushed1 week ago
Size42 MB
Packages52
Flavoralpine
OS3.21
Runtime8.4.7
The base image is also available under the supported tag(s): 8-alpine3.21, 8-cli-alpine, 8-cli-alpine3.21, 8.4-alpine, 8.4-alpine3.21, 8.4-cli-alpine, 8.4-cli-alpine3.21, 8.4.7-alpine, 8.4.7-alpine3.21, 8.4.7-cli-alpine, 8.4.7-cli-alpine3.21, alpine, alpine3.21, cli-alpine, cli-alpine3.21

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

Copy link

github-actions bot commented May 18, 2025

Outdated

🔍 Vulnerabilities of wayofdev/php-base:latest

📦 Image Reference wayofdev/php-base:latest
digestsha256:22516e25baf52c6af11b44da1de109a8ef0019121f5db41f9758cd5660c63dee
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
platformlinux/amd64
size79 MB
packages101
📦 Base Image php:8-alpine
also known as
  • 8-alpine3.21
  • 8-cli-alpine
  • 8-cli-alpine3.21
  • 8.4-alpine
  • 8.4-alpine3.21
  • 8.4-cli-alpine
  • 8.4-cli-alpine3.21
  • 8.4.7-alpine
  • 8.4.7-alpine3.21
  • 8.4.7-cli-alpine
  • 8.4.7-cli-alpine3.21
  • alpine
  • alpine3.21
  • cli-alpine
  • cli-alpine3.21
  • db7a59aab999a309b5961761860f6eb2904a8ccbb73598579073f0a0641c8c64
digestsha256:eba240a13bd3e5cf77a99c1b4c9ed1373e9622b0a8ac18fe3e7727c35dc40ded
vulnerabilitiescritical: 0 high: 0 medium: 1 low: 1

Copy link

github-actions bot commented May 18, 2025

Outdated

🔍 Vulnerabilities of moby/buildkit:buildx-stable-1

📦 Image Reference moby/buildkit:buildx-stable-1
digestsha256:8124f5e2ddf9a4985ca653c7bd4bb0132eef4316aaf2975181a5f6a9d0f14ced
vulnerabilitiescritical: 1 high: 4 medium: 0 low: 0
platformlinux/amd64
size104 MB
packages248
📦 Base Image alpine:3
also known as
  • 3.21
  • 3.21.3
  • latest
digestsha256:1c4eef651f65e2f7daee7ee785882ac164b02b78fb74503052a26dc061c90474
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 1 high: 4 medium: 0 low: 0 stdlib 1.22.4 (golang)

pkg:golang/[email protected]

critical : CVE--2025--22871

Affected range<1.23.8
Fixed version1.23.8
EPSS Score0.018%
EPSS Percentile3rd percentile
Description

The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.054%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.108%
EPSS Percentile30th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2024--24791

Affected range>=1.22.0-0
<1.22.5
Fixed version1.22.5
EPSS Score0.200%
EPSS Percentile43rd percentile
Description

The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail.

An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.127%
EPSS Percentile33rd percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

1 similar comment
Copy link

github-actions bot commented May 18, 2025

Outdated

🔍 Vulnerabilities of moby/buildkit:buildx-stable-1

📦 Image Reference moby/buildkit:buildx-stable-1
digestsha256:8124f5e2ddf9a4985ca653c7bd4bb0132eef4316aaf2975181a5f6a9d0f14ced
vulnerabilitiescritical: 1 high: 4 medium: 0 low: 0
platformlinux/amd64
size104 MB
packages248
📦 Base Image alpine:3
also known as
  • 3.21
  • 3.21.3
  • latest
digestsha256:1c4eef651f65e2f7daee7ee785882ac164b02b78fb74503052a26dc061c90474
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 1 high: 4 medium: 0 low: 0 stdlib 1.22.4 (golang)

pkg:golang/[email protected]

critical : CVE--2025--22871

Affected range<1.23.8
Fixed version1.23.8
EPSS Score0.018%
EPSS Percentile3rd percentile
Description

The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.054%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.108%
EPSS Percentile30th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2024--24791

Affected range>=1.22.0-0
<1.22.5
Fixed version1.22.5
EPSS Score0.200%
EPSS Percentile43rd percentile
Description

The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail.

An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.127%
EPSS Percentile33rd percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

Copy link

github-actions bot commented May 18, 2025

Outdated

Recommended fixes for image moby/buildkit:buildx-stable-1

Base image is alpine:3

Name3.21.3
Digestsha256:1c4eef651f65e2f7daee7ee785882ac164b02b78fb74503052a26dc061c90474
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed3 months ago
Size3.6 MB
Packages19
OS3.21.3
The base image is also available under the supported tag(s): 3.21, 3.21.3, latest

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

Copy link

github-actions bot commented May 18, 2025

Outdated

Recommended fixes for image wayofdev/php-base:latest

Base image is php:8-alpine

Name8.4.7-alpine3.21
Digestsha256:eba240a13bd3e5cf77a99c1b4c9ed1373e9622b0a8ac18fe3e7727c35dc40ded
Vulnerabilitiescritical: 0 high: 0 medium: 1 low: 1
Pushed1 week ago
Size42 MB
Packages52
Flavoralpine
OS3.21
Runtime8.4.7
The base image is also available under the supported tag(s): 8-alpine3.21, 8-cli-alpine, 8-cli-alpine3.21, 8.4-alpine, 8.4-alpine3.21, 8.4-cli-alpine, 8.4-cli-alpine3.21, 8.4.7-alpine, 8.4.7-alpine3.21, 8.4.7-cli-alpine, 8.4.7-cli-alpine3.21, alpine, alpine3.21, cli-alpine, cli-alpine3.21

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

Copy link

github-actions bot commented May 18, 2025

Outdated

Recommended fixes for image moby/buildkit:buildx-stable-1

Base image is alpine:3

Name3.21.3
Digestsha256:1c4eef651f65e2f7daee7ee785882ac164b02b78fb74503052a26dc061c90474
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed3 months ago
Size3.6 MB
Packages19
OS3.21.3
The base image is also available under the supported tag(s): 3.21, 3.21.3, latest

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

Copy link

github-actions bot commented May 18, 2025

Outdated

🔍 Vulnerabilities of moby/buildkit:buildx-stable-1

📦 Image Reference moby/buildkit:buildx-stable-1
digestsha256:8124f5e2ddf9a4985ca653c7bd4bb0132eef4316aaf2975181a5f6a9d0f14ced
vulnerabilitiescritical: 1 high: 4 medium: 0 low: 0
platformlinux/amd64
size104 MB
packages248
📦 Base Image alpine:3
also known as
  • 3.21
  • 3.21.3
  • latest
digestsha256:1c4eef651f65e2f7daee7ee785882ac164b02b78fb74503052a26dc061c90474
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 1 high: 4 medium: 0 low: 0 stdlib 1.22.4 (golang)

pkg:golang/[email protected]

critical : CVE--2025--22871

Affected range<1.23.8
Fixed version1.23.8
EPSS Score0.018%
EPSS Percentile3rd percentile
Description

The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.054%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.108%
EPSS Percentile30th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2024--24791

Affected range>=1.22.0-0
<1.22.5
Fixed version1.22.5
EPSS Score0.200%
EPSS Percentile43rd percentile
Description

The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail.

An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.127%
EPSS Percentile33rd percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

Copy link

github-actions bot commented May 18, 2025

Outdated

🔍 Vulnerabilities of wayofdev/php-base:latest

📦 Image Reference wayofdev/php-base:latest
digestsha256:fb1c9531ba23ccf9d4f16bd5db8425c51bb9775e975638a0108409882e20f9b3
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
platformlinux/amd64
size92 MB
packages122
📦 Base Image php:8.3-alpine
also known as
  • 8.3-alpine3.21
  • 8.3-cli-alpine
  • 8.3-cli-alpine3.21
  • 8.3.21-alpine3.21
  • 8.3.21-cli-alpine
  • b4a7dce0f636fdead2ad82c4cc1958885ce8f27156cc65986a5fafde3c39e039
digestsha256:fdd2f8e22382a7477bee883a0a5669784e6bb67abdabbb15a1b22bc9d165b0fa
vulnerabilitiescritical: 0 high: 0 medium: 1 low: 1

Copy link

github-actions bot commented May 18, 2025

Outdated

Recommended fixes for image moby/buildkit:buildx-stable-1

Base image is alpine:3

Name3.21.3
Digestsha256:1c4eef651f65e2f7daee7ee785882ac164b02b78fb74503052a26dc061c90474
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed3 months ago
Size3.6 MB
Packages19
OS3.21.3
The base image is also available under the supported tag(s): 3.21, 3.21.3, latest

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

Copy link

github-actions bot commented May 18, 2025

Outdated

Recommended fixes for image wayofdev/php-base:latest

Base image is php:8.3-alpine

Name8.3.21-alpine3.21
Digestsha256:fdd2f8e22382a7477bee883a0a5669784e6bb67abdabbb15a1b22bc9d165b0fa
Vulnerabilitiescritical: 0 high: 0 medium: 1 low: 1
Pushed1 week ago
Size37 MB
Packages52
Flavoralpine
OS3.21
Runtime8.3.21
The base image is also available under the supported tag(s): 8.3-alpine3.21, 8.3-cli-alpine, 8.3-cli-alpine3.21, 8.3.21-alpine3.21, 8.3.21-cli-alpine

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.4-alpine
Minor runtime version update
Also known as:
  • 8.4.7-cli-alpine
  • 8.4.7-cli-alpine3.21
  • 8.4-cli-alpine
  • 8.4-cli-alpine3.21
  • 8-cli-alpine
  • 8-cli-alpine3.21
  • cli-alpine
  • cli-alpine3.21
  • alpine
  • alpine3.21
  • 8.4.7-alpine
  • 8.4.7-alpine3.21
  • 8.4-alpine3.21
  • 8-alpine
  • 8-alpine3.21
Benefits:
  • Same OS detected
  • Minor runtime version update
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
Image details:
  • Size: 42 MB
  • Flavor: alpine
  • OS: 3.21
  • Runtime: 8.4.7
1 week ago



Copy link

🔍 Vulnerabilities of moby/buildkit:buildx-stable-1

📦 Image Reference moby/buildkit:buildx-stable-1
digestsha256:8124f5e2ddf9a4985ca653c7bd4bb0132eef4316aaf2975181a5f6a9d0f14ced
vulnerabilitiescritical: 1 high: 4 medium: 0 low: 0
platformlinux/amd64
size104 MB
packages248
📦 Base Image alpine:3
also known as
  • 3.21
  • 3.21.3
  • latest
digestsha256:1c4eef651f65e2f7daee7ee785882ac164b02b78fb74503052a26dc061c90474
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 1 high: 4 medium: 0 low: 0 stdlib 1.22.4 (golang)

pkg:golang/[email protected]

critical : CVE--2025--22871

Affected range<1.23.8
Fixed version1.23.8
EPSS Score0.018%
EPSS Percentile3rd percentile
Description

The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.054%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.108%
EPSS Percentile30th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2024--24791

Affected range>=1.22.0-0
<1.22.5
Fixed version1.22.5
EPSS Score0.200%
EPSS Percentile43rd percentile
Description

The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail.

An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.127%
EPSS Percentile33rd percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

Copy link

Recommended fixes for image moby/buildkit:buildx-stable-1

Base image is alpine:3

Name3.21.3
Digestsha256:1c4eef651f65e2f7daee7ee785882ac164b02b78fb74503052a26dc061c90474
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed3 months ago
Size3.6 MB
Packages19
OS3.21.3
The base image is also available under the supported tag(s): 3.21, 3.21.3, latest

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

@way-finder-bot way-finder-bot self-requested a review May 18, 2025 17:56
@way-finder-bot way-finder-bot self-assigned this May 18, 2025
@lotyp lotyp merged commit 82948bd into master May 18, 2025
20 checks passed
@lotyp lotyp deleted the release-please--branches--master--components--docker-php-base branch May 18, 2025 17:56
@lotyp
Copy link
Member Author

lotyp commented May 18, 2025

🤖 Created releases:

🌻

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants