deps(deps): update googleapis/release-please-action action to v4.3.0

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
googleapis/release-please-action	action	minor	v4.2.0 -> v4.3.0

---

Release Notes

googleapis/release-please-action (googleapis/release-please-action)

v4.3.0

Compare Source

Features

• deps: update release-please to 17.1.2 (f07192c)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Outdated

🔍 Vulnerabilities of wayofdev/php-base:latest

📦 Image Reference wayofdev/php-base:latest

digest	sha256:4fbf3a7774db2d1bcde3194e5355da56decc13a6cf3cd002339b5cadf1fa6a21
vulnerabilities
platform	linux/amd64
size	72 MB
packages	118

📦 Base Image php:8.1-alpine

also known as	8.1-alpine3.21 8.1-cli-alpine 8.1-cli-alpine3.21 8.1.33-alpine 8.1.33-alpine3.21 8.1.33-cli-alpine 8.1.33-cli-alpine3.21 84499e7665570bbef8ca20d15c642d8d9485a887d6be7a8b335ca33b5d3126f0
digest	sha256:6ed5103426b2c742dcc4721afa9864e7faaedcbb84c92410762d0c5162a8bdb2
vulnerabilities

postgresql17 17.5-r0 (apk) pkg:apk/alpine/[email protected]?os_name=alpine&os_version=3.21 Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.045% EPSS Percentile 13th percentile Description Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.058% EPSS Percentile 18th percentile Description

[github-actions]

Outdated

🔍 Vulnerabilities of wayofdev/php-base:latest

📦 Image Reference wayofdev/php-base:latest

digest	sha256:96f839e05e0d9ae739681e289e5693220586f0023f2f126d557730d01170a23d
vulnerabilities
platform	linux/amd64
size	81 MB
packages	120

📦 Base Image php:8-alpine

also known as	8-alpine3.22 8-cli-alpine 8-cli-alpine3.22 8.4-alpine 8.4-alpine3.22 8.4-cli-alpine 8.4-cli-alpine3.22 8.4.11-alpine 8.4.11-alpine3.22 8.4.11-cli-alpine 8.4.11-cli-alpine3.22 alpine alpine3.22 cli-alpine cli-alpine3.22 e4f9bb894d0d59558802c50d63685a084b2b4fb7eb77398e783423beab34d48f
digest	sha256:4ff5194e9fa697591425fa74e939879cde8c0d0da6a53b4b247cc47f43eb7d91
vulnerabilities

postgresql17 17.5-r0 (apk) pkg:apk/alpine/[email protected]?os_name=alpine&os_version=3.22 Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.045% EPSS Percentile 13th percentile Description Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.058% EPSS Percentile 18th percentile Description

[github-actions]

Outdated

Recommended fixes for image wayofdev/php-base:latest

Base image is php:8.1-alpine

Name	8.1.33-alpine3.21
Digest	sha256:6ed5103426b2c742dcc4721afa9864e7faaedcbb84c92410762d0c5162a8bdb2
Vulnerabilities
Pushed	2 weeks ago
Size	36 MB
Packages	59
Flavor	alpine
OS	3.21
Runtime	8.1.33

The base image is also available under the supported tag(s): 8.1-alpine3.21, 8.1-cli-alpine, 8.1-cli-alpine3.21, 8.1.33-alpine, 8.1.33-alpine3.21, 8.1.33-cli-alpine, 8.1.33-cli-alpine3.21

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

Tag	Details	Pushed	Vulnerabilities
8.1-alpine3.22 Patch runtime version update Also known as: 8.1.33-cli-alpine3.22 8.1-cli-alpine3.22 8.1.33-alpine3.22	Benefits: Patch runtime version update Same OS detected Image has similar size Image has same number of vulnerabilities Image contains similar number of packages Image details: Size: 36 MB Flavor: alpine OS: 3.22 Runtime: 8.1.33	2 weeks ago
8.4-alpine Minor runtime version update Also known as: 8.4.11-cli-alpine 8.4.11-cli-alpine3.22 8.4-cli-alpine 8.4-cli-alpine3.22 8-cli-alpine 8-cli-alpine3.22 cli-alpine cli-alpine3.22 alpine alpine3.22 8.4.11-alpine 8.4.11-alpine3.22 8.4-alpine3.22 8-alpine 8-alpine3.22	Benefits: Same OS detected Minor runtime version update Tag was pushed more recently Image has similar size Image has same number of vulnerabilities Image contains similar number of packages Image details: Size: 42 MB Flavor: alpine OS: 3.22 Runtime: 8.4.11	2 weeks ago
8.4-alpine3.21 Minor runtime version update Also known as: 8.4.11-cli-alpine3.21 8.4-cli-alpine3.21 8-cli-alpine3.21 cli-alpine3.21 alpine3.21 8.4.11-alpine3.21 8-alpine3.21	Benefits: Same OS detected Minor runtime version update Tag was pushed more recently Image has similar size Image has same number of vulnerabilities Image contains equal number of packages Image details: Size: 42 MB Flavor: alpine OS: 3.21 Runtime: 8.4.11	2 weeks ago
8.3-alpine Minor runtime version update Also known as: 8.3.24-cli-alpine 8.3.24-cli-alpine3.22 8.3-cli-alpine 8.3-cli-alpine3.22 8.3.24-alpine 8.3.24-alpine3.22 8.3-alpine3.22	Benefits: Same OS detected Minor runtime version update Tag was pushed more recently Image has similar size Image has same number of vulnerabilities Image contains similar number of packages Image details: Size: 37 MB Flavor: alpine OS: 3.22 Runtime: 8.3.24	2 weeks ago
8.3-alpine3.21 Minor runtime version update Also known as: 8.3.24-cli-alpine3.21 8.3-cli-alpine3.21 8.3.24-alpine3.21	Benefits: Same OS detected Minor runtime version update Tag was pushed more recently Image has similar size Image has same number of vulnerabilities Image contains equal number of packages Image details: Size: 37 MB Flavor: alpine OS: 3.21 Runtime: 8.3.24	2 weeks ago
8.2-alpine Minor runtime version update Also known as: 8.2.29-cli-alpine 8.2.29-cli-alpine3.22 8.2-cli-alpine 8.2-cli-alpine3.22 8.2.29-alpine 8.2.29-alpine3.22 8.2-alpine3.22	Benefits: Same OS detected Minor runtime version update Image has similar size Image has same number of vulnerabilities Image contains similar number of packages 8.2-alpine was pulled 1.8K times last month Image details: Size: 37 MB Flavor: alpine OS: 3.22 Runtime: 8.2.29	2 weeks ago
8.2-alpine3.21 Minor runtime version update Also known as: 8.2.29-cli-alpine3.21 8.2-cli-alpine3.21 8.2.29-alpine3.21	Benefits: Same OS detected Minor runtime version update Image has similar size Image has same number of vulnerabilities Image contains equal number of packages Image details: Size: 36 MB Flavor: alpine OS: 3.21 Runtime: 8.2.29	2 weeks ago

[github-actions]

Outdated

Recommended fixes for image wayofdev/php-base:latest

Base image is php:8-alpine

Name	8.4.11-alpine3.22
Digest	sha256:4ff5194e9fa697591425fa74e939879cde8c0d0da6a53b4b247cc47f43eb7d91
Vulnerabilities
Pushed	2 weeks ago
Size	42 MB
Packages	60
Flavor	alpine
OS	3.22
Runtime	8.4.11

The base image is also available under the supported tag(s): 8-alpine3.22, 8-cli-alpine, 8-cli-alpine3.22, 8.4-alpine, 8.4-alpine3.22, 8.4-cli-alpine, 8.4-cli-alpine3.22, 8.4.11-alpine, 8.4.11-alpine3.22, 8.4.11-cli-alpine, 8.4.11-cli-alpine3.22, alpine, alpine3.22, cli-alpine, cli-alpine3.22

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

[github-actions]

Outdated

🔍 Vulnerabilities of wayofdev/php-base:latest

📦 Image Reference wayofdev/php-base:latest

digest	sha256:c3e559f56cdc45b48cfee640de5c5d8067b7d071a4cbbef5d8ce49cfe21ad303
vulnerabilities
platform	linux/amd64
size	75 MB
packages	121

📦 Base Image oisupport/staging-amd64:639b54f0afafe1a50d5dfdf4306b05aa09357ed7292390e3ed242ecfc57cc7e0

also known as	8-fpm-alpine 8-fpm-alpine3.22 8.4-fpm-alpine 8.4-fpm-alpine3.22 8.4.11-fpm-alpine 8.4.11-fpm-alpine3.22 fpm-alpine fpm-alpine3.22
digest	sha256:dd4b38d02d63413f45aea06eaaf1ac2410b7cbe81b017efd3d6feefb142809b2
vulnerabilities

postgresql17 17.5-r0 (apk) pkg:apk/alpine/[email protected]?os_name=alpine&os_version=3.22 Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.045% EPSS Percentile 13th percentile Description Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.058% EPSS Percentile 18th percentile Description

[github-actions]

Outdated

Recommended fixes for image wayofdev/php-base:latest

Base image is :639b54f0afafe1a50d5dfdf4306b05aa09357ed7292390e3ed242ecfc57cc7e0

Digest
Vulnerabilities
Size	0 B
Packages	0

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

[github-actions]

Outdated

🔍 Vulnerabilities of wayofdev/php-base:latest

📦 Image Reference wayofdev/php-base:latest

digest	sha256:ce496fbbceec074229c9b91843bf8601cf626d90e0fd7c387886ccd15e65c3cb
vulnerabilities
platform	linux/amd64
size	75 MB
packages	120

📦 Base Image php:8.2-alpine

also known as	8.2-alpine3.22 8.2-cli-alpine 8.2-cli-alpine3.22 8.2.29-alpine 8.2.29-alpine3.22 8.2.29-cli-alpine 8.2.29-cli-alpine3.22 d8f4974194fb8fae35528e5ff3f03ca3566ee2e502f953b7817e0cbefebf8a0d
digest	sha256:cdee2ae021443a0806843448eb174a188d6e6d85377a2e5a9bcd44161001fb8d
vulnerabilities

postgresql17 17.5-r0 (apk) pkg:apk/alpine/[email protected]?os_name=alpine&os_version=3.22 Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.045% EPSS Percentile 13th percentile Description Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.058% EPSS Percentile 18th percentile Description

[github-actions]

Outdated

🔍 Vulnerabilities of wayofdev/php-base:latest

📦 Image Reference wayofdev/php-base:latest

digest	sha256:a0d8ace7155d530368ec2f25bf7f76fef10452919a3e63b2ea311b3c788701a6
vulnerabilities
platform	linux/amd64
size	68 MB
packages	119

📦 Base Image oisupport/staging-amd64:8.1-fpm-alpine

also known as	8.1-fpm-alpine3.21 8.1.33-fpm-alpine 8.1.33-fpm-alpine3.21 da3eabe89d0c6c833838e3480d063d65f38577bc37dc976948b9352f3fb3d2fb
digest	sha256:4268ab6c629f48d1f77ff76b70355c1f384d95028c301d7a9d07a5f1644d4072
vulnerabilities

postgresql17 17.5-r0 (apk) pkg:apk/alpine/[email protected]?os_name=alpine&os_version=3.21 Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.045% EPSS Percentile 13th percentile Description Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.058% EPSS Percentile 18th percentile Description

[github-actions]

Outdated

Recommended fixes for image wayofdev/php-base:latest

Base image is :8.1-fpm-alpine

Digest
Vulnerabilities
Size	0 B
Packages	0

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

[github-actions]

Outdated

🔍 Vulnerabilities of wayofdev/php-base:latest

📦 Image Reference wayofdev/php-base:latest

digest	sha256:ade5d3761d44492a454e08b4d9da9eea494dee0aae3f91e4d5cb2caf2071a5e9
vulnerabilities
platform	linux/amd64
size	95 MB
packages	158

📦 Base Image php:8.3-alpine

also known as	8.3-alpine3.22 8.3-cli-alpine 8.3-cli-alpine3.22 8.3.24-alpine 8.3.24-alpine3.22 8.3.24-cli-alpine 8.3.24-cli-alpine3.22 b026e7d2fc6d7801e1af55dc42c7409b2f38d6b42c32494e9276b6ef40a28ee3
digest	sha256:f43a903b3e7fb97ce6ecdc8ab54c4beeebc913c38697740c6e9dd0d69fc37322
vulnerabilities

postgresql17 17.5-r0 (apk) pkg:apk/alpine/[email protected]?os_name=alpine&os_version=3.22 Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.045% EPSS Percentile 13th percentile Description Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.058% EPSS Percentile 18th percentile Description

[github-actions]

Outdated

Recommended fixes for image wayofdev/php-base:latest

Base image is php:8.2-alpine

Name	8.2.29-alpine3.22
Digest	sha256:cdee2ae021443a0806843448eb174a188d6e6d85377a2e5a9bcd44161001fb8d
Vulnerabilities
Pushed	2 weeks ago
Size	37 MB
Packages	60
Flavor	alpine
OS	3.22
Runtime	8.2.29

The base image is also available under the supported tag(s): 8.2-alpine3.22, 8.2-cli-alpine, 8.2-cli-alpine3.22, 8.2.29-alpine, 8.2.29-alpine3.22, 8.2.29-cli-alpine, 8.2.29-cli-alpine3.22

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

Tag	Details	Pushed	Vulnerabilities
8.4-alpine Minor runtime version update Also known as: 8.4.11-cli-alpine 8.4.11-cli-alpine3.22 8.4-cli-alpine 8.4-cli-alpine3.22 8-cli-alpine 8-cli-alpine3.22 cli-alpine cli-alpine3.22 alpine alpine3.22 8.4.11-alpine 8.4.11-alpine3.22 8.4-alpine3.22 8-alpine 8-alpine3.22	Benefits: Same OS detected Minor runtime version update Tag was pushed more recently Image has similar size Image has same number of vulnerabilities Image contains equal number of packages Image details: Size: 42 MB Flavor: alpine OS: 3.22 Runtime: 8.4.11	2 weeks ago
8.3-alpine Minor runtime version update Also known as: 8.3.24-cli-alpine 8.3.24-cli-alpine3.22 8.3-cli-alpine 8.3-cli-alpine3.22 8.3.24-alpine 8.3.24-alpine3.22 8.3-alpine3.22	Benefits: Same OS detected Minor runtime version update Tag was pushed more recently Image has similar size Image has same number of vulnerabilities Image contains equal number of packages Image details: Size: 37 MB Flavor: alpine OS: 3.22 Runtime: 8.3.24	2 weeks ago

[github-actions]

Outdated

Recommended fixes for image wayofdev/php-base:latest

Base image is php:8.3-alpine

Name	8.3.24-alpine3.22
Digest	sha256:f43a903b3e7fb97ce6ecdc8ab54c4beeebc913c38697740c6e9dd0d69fc37322
Vulnerabilities
Pushed	2 weeks ago
Size	37 MB
Packages	60
Flavor	alpine
OS	3.22
Runtime	8.3.24

The base image is also available under the supported tag(s): 8.3-alpine3.22, 8.3-cli-alpine, 8.3-cli-alpine3.22, 8.3.24-alpine, 8.3.24-alpine3.22, 8.3.24-cli-alpine, 8.3.24-cli-alpine3.22

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

Tag	Details	Pushed	Vulnerabilities
8.4-alpine Minor runtime version update Also known as: 8.4.11-cli-alpine 8.4.11-cli-alpine3.22 8.4-cli-alpine 8.4-cli-alpine3.22 8-cli-alpine 8-cli-alpine3.22 cli-alpine cli-alpine3.22 alpine alpine3.22 8.4.11-alpine 8.4.11-alpine3.22 8.4-alpine3.22 8-alpine 8-alpine3.22	Benefits: Same OS detected Minor runtime version update Tag was pushed more recently Image has similar size Image has same number of vulnerabilities Image contains equal number of packages Image details: Size: 42 MB Flavor: alpine OS: 3.22 Runtime: 8.4.11	2 weeks ago

[github-actions]

Outdated

🔍 Vulnerabilities of wayofdev/php-base:latest

📦 Image Reference wayofdev/php-base:latest

digest	sha256:9742ced0749c671a521a5db5251288bb086dc722f3946c2f8c278a7d722b8a47
vulnerabilities
platform	linux/amd64
size	70 MB
packages	121

📦 Base Image php:3effc26a4a8524994f6fd9e3c99f564bfdee610687d2d1d455996608118a910f

also known as	8.2-fpm-alpine 8.2-fpm-alpine3.22 8.2.29-fpm-alpine 8.2.29-fpm-alpine3.22
digest	sha256:a992b4453c7ffe21584867dced3a8b82c896603a10bfe3f7ec734729e26fcda5
vulnerabilities

postgresql17 17.5-r0 (apk) pkg:apk/alpine/[email protected]?os_name=alpine&os_version=3.22 Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.045% EPSS Percentile 13th percentile Description Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.058% EPSS Percentile 18th percentile Description

[github-actions]

Outdated

🔍 Vulnerabilities of wayofdev/php-base:latest

📦 Image Reference wayofdev/php-base:latest

digest	sha256:775d2a4b717639eb742ed8687712b665c001cc842dd772c1f650309770426824
vulnerabilities
platform	linux/amd64
size	71 MB
packages	121

📦 Base Image oisupport/staging-amd64:2bc2a355c610a5ce2f4854d785c740aafe346f652caa7a4960796338a17a0ffe

also known as	8.3-fpm-alpine 8.3-fpm-alpine3.22 8.3.24-fpm-alpine 8.3.24-fpm-alpine3.22
digest	sha256:994a36314a28fed17d2d9d66ff694817dcf51343c7d42e1890ec75b3406a3caf
vulnerabilities

postgresql17 17.5-r0 (apk) pkg:apk/alpine/[email protected]?os_name=alpine&os_version=3.22 Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.045% EPSS Percentile 13th percentile Description Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.058% EPSS Percentile 18th percentile Description

[github-actions]

Outdated

Recommended fixes for image wayofdev/php-base:latest

Base image is php:8.2-fpm-alpine

Name	8.2.29-fpm-alpine3.22
Digest	sha256:a992b4453c7ffe21584867dced3a8b82c896603a10bfe3f7ec734729e26fcda5
Vulnerabilities
Pushed	2 weeks ago
Size	32 MB
Packages	61
Flavor	alpine
OS	3.22
Runtime	8.2.29

The base image is also available under the supported tag(s): 8.2-fpm-alpine3.22, 8.2.29-fpm-alpine, 8.2.29-fpm-alpine3.22

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

Tag	Details	Pushed	Vulnerabilities
8.3-fpm-alpine Minor runtime version update Also known as: 8.3.24-fpm-alpine 8.3.24-fpm-alpine3.22 8.3-fpm-alpine3.22	Benefits: Same OS detected Minor runtime version update Tag was pushed more recently Image has similar size Image has same number of vulnerabilities Image contains equal number of packages Image details: Size: 33 MB Flavor: alpine OS: 3.22 Runtime: 8.3.24	2 weeks ago
8.4-fpm-alpine Image has same number of vulnerabilities Also known as: 8.4.11-fpm-alpine 8.4.11-fpm-alpine3.22 8.4-fpm-alpine3.22 8-fpm-alpine 8-fpm-alpine3.22 fpm-alpine fpm-alpine3.22	Benefits: Same OS detected Tag was pushed more recently Image has similar size Image has same number of vulnerabilities Image contains equal number of packages Image details: Size: 37 MB Flavor: alpine OS: 3.22	2 weeks ago

[github-actions]

Outdated

Recommended fixes for image wayofdev/php-base:latest

Base image is :2bc2a355c610a5ce2f4854d785c740aafe346f652caa7a4960796338a17a0ffe

Digest
Vulnerabilities
Size	0 B
Packages	0

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

[github-actions]

Outdated

🔍 Vulnerabilities of wayofdev/php-base:latest

📦 Image Reference wayofdev/php-base:latest

digest	sha256:0f27210915467ba18de9bd39724b29bfa0c9062c15380e5b78fbb4a1b8d2e993
vulnerabilities
platform	linux/amd64
size	94 MB
packages	158

📦 Base Image php:8.2-alpine

also known as	8.2-alpine3.22 8.2-cli-alpine 8.2-cli-alpine3.22 8.2.29-alpine 8.2.29-alpine3.22 8.2.29-cli-alpine 8.2.29-cli-alpine3.22 d8f4974194fb8fae35528e5ff3f03ca3566ee2e502f953b7817e0cbefebf8a0d
digest	sha256:cdee2ae021443a0806843448eb174a188d6e6d85377a2e5a9bcd44161001fb8d
vulnerabilities

postgresql17 17.5-r0 (apk) pkg:apk/alpine/[email protected]?os_name=alpine&os_version=3.22 Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.045% EPSS Percentile 13th percentile Description Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.058% EPSS Percentile 18th percentile Description

[github-actions]

Outdated

🔍 Vulnerabilities of wayofdev/php-base:latest

📦 Image Reference wayofdev/php-base:latest

digest	sha256:550223244835b9e39a0d894a1c107e51455a7222b9aa6bcfe6d2efb2e073a476
vulnerabilities
platform	linux/amd64
size	91 MB
packages	139

📦 Base Image php:8.1-alpine

also known as	8.1-alpine3.21 8.1-cli-alpine 8.1-cli-alpine3.21 8.1.33-alpine 8.1.33-alpine3.21 8.1.33-cli-alpine 8.1.33-cli-alpine3.21 84499e7665570bbef8ca20d15c642d8d9485a887d6be7a8b335ca33b5d3126f0
digest	sha256:6ed5103426b2c742dcc4721afa9864e7faaedcbb84c92410762d0c5162a8bdb2
vulnerabilities

postgresql17 17.5-r0 (apk) pkg:apk/alpine/[email protected]?os_name=alpine&os_version=3.21 Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.045% EPSS Percentile 13th percentile Description Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.058% EPSS Percentile 18th percentile Description

setuptools 70.3.0 (pypi) pkg:pypi/[email protected] Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Affected range <78.1.1 Fixed version 78.1.1 CVSS Score 7.7 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P EPSS Score 0.139% EPSS Percentile 35th percentile Description Summary A path traversal vulnerability in PackageIndex was fixed in setuptools version 78.1.1 Details def _download_url(self, url, tmpdir): # Determine download filename # name, _fragment = egg_info_for_url(url) if name: while '..' in name: name = name.replace('..', '.').replace('\\', '_') else: name = "__downloaded__" # default if URL has no path contents if name.endswith('.[egg.zip](http://egg.zip/)'): name = name[:-4] # strip the extra .zip before download --> filename = os.path.join(tmpdir, name) Here: https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88 os.path.join() discards the first argument tmpdir if the second begins with a slash or drive letter. name is derived from a URL without sufficient sanitization. While there is some attempt to sanitize by replacing instances of '..' with '.', it is insufficient. Risk Assessment As easy_install and package_index are deprecated, the exploitation surface is reduced. However, it seems this could be exploited in a similar fashion like GHSA-r9hx-vwmv-q579, and as described by POC 4 in GHSA-cx63-2mw6-8hw5 report: via malicious URLs present on the pages of a package index. Impact An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to RCE depending on the context. References https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5 pypa/setuptools#4946

[github-actions]

🔍 Vulnerabilities of wayofdev/php-base:latest

📦 Image Reference wayofdev/php-base:latest

digest	sha256:897b1110c4aa1486b9234e8a3168135e785d6defdf5e1989099aa1eb99eed3e4
vulnerabilities
platform	linux/amd64
size	100 MB
packages	158

📦 Base Image php:8-alpine

also known as	8-alpine3.22 8-cli-alpine 8-cli-alpine3.22 8.4-alpine 8.4-alpine3.22 8.4-cli-alpine 8.4-cli-alpine3.22 8.4.11-alpine 8.4.11-alpine3.22 8.4.11-cli-alpine 8.4.11-cli-alpine3.22 alpine alpine3.22 cli-alpine cli-alpine3.22 e4f9bb894d0d59558802c50d63685a084b2b4fb7eb77398e783423beab34d48f
digest	sha256:4ff5194e9fa697591425fa74e939879cde8c0d0da6a53b4b247cc47f43eb7d91
vulnerabilities

postgresql17 17.5-r0 (apk) pkg:apk/alpine/[email protected]?os_name=alpine&os_version=3.22 Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.045% EPSS Percentile 13th percentile Description Affected range <17.6-r0 Fixed version 17.6-r0 EPSS Score 0.058% EPSS Percentile 18th percentile Description

[github-actions]

Outdated

Recommended fixes for image wayofdev/php-base:latest

Base image is php:8.2-alpine

Name	8.2.29-alpine3.22
Digest	sha256:cdee2ae021443a0806843448eb174a188d6e6d85377a2e5a9bcd44161001fb8d
Vulnerabilities
Pushed	2 weeks ago
Size	37 MB
Packages	60
Flavor	alpine
OS	3.22
Runtime	8.2.29

The base image is also available under the supported tag(s): 8.2-alpine3.22, 8.2-cli-alpine, 8.2-cli-alpine3.22, 8.2.29-alpine, 8.2.29-alpine3.22, 8.2.29-cli-alpine, 8.2.29-cli-alpine3.22

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

Tag	Details	Pushed	Vulnerabilities
8.4-alpine Minor runtime version update Also known as: 8.4.11-cli-alpine 8.4.11-cli-alpine3.22 8.4-cli-alpine 8.4-cli-alpine3.22 8-cli-alpine 8-cli-alpine3.22 cli-alpine cli-alpine3.22 alpine alpine3.22 8.4.11-alpine 8.4.11-alpine3.22 8.4-alpine3.22 8-alpine 8-alpine3.22	Benefits: Same OS detected Minor runtime version update Tag was pushed more recently Image has similar size Image has same number of vulnerabilities Image contains equal number of packages Image details: Size: 42 MB Flavor: alpine OS: 3.22 Runtime: 8.4.11	2 weeks ago
8.3-alpine Minor runtime version update Also known as: 8.3.24-cli-alpine 8.3.24-cli-alpine3.22 8.3-cli-alpine 8.3-cli-alpine3.22 8.3.24-alpine 8.3.24-alpine3.22 8.3-alpine3.22	Benefits: Same OS detected Minor runtime version update Tag was pushed more recently Image has similar size Image has same number of vulnerabilities Image contains equal number of packages Image details: Size: 37 MB Flavor: alpine OS: 3.22 Runtime: 8.3.24	2 weeks ago

[github-actions]

Outdated

Recommended fixes for image wayofdev/php-base:latest

Base image is php:8.1-alpine

Name	8.1.33-alpine3.21
Digest	sha256:6ed5103426b2c742dcc4721afa9864e7faaedcbb84c92410762d0c5162a8bdb2
Vulnerabilities
Pushed	2 weeks ago
Size	36 MB
Packages	59
Flavor	alpine
OS	3.21
Runtime	8.1.33

The base image is also available under the supported tag(s): 8.1-alpine3.21, 8.1-cli-alpine, 8.1-cli-alpine3.21, 8.1.33-alpine, 8.1.33-alpine3.21, 8.1.33-cli-alpine, 8.1.33-cli-alpine3.21

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

Tag	Details	Pushed	Vulnerabilities
8.1-alpine3.22 Patch runtime version update Also known as: 8.1.33-cli-alpine3.22 8.1-cli-alpine3.22 8.1.33-alpine3.22	Benefits: Patch runtime version update Same OS detected Image has similar size Image has same number of vulnerabilities Image contains similar number of packages Image details: Size: 36 MB Flavor: alpine OS: 3.22 Runtime: 8.1.33	2 weeks ago
8.4-alpine Minor runtime version update Also known as: 8.4.11-cli-alpine 8.4.11-cli-alpine3.22 8.4-cli-alpine 8.4-cli-alpine3.22 8-cli-alpine 8-cli-alpine3.22 cli-alpine cli-alpine3.22 alpine alpine3.22 8.4.11-alpine 8.4.11-alpine3.22 8.4-alpine3.22 8-alpine 8-alpine3.22	Benefits: Same OS detected Minor runtime version update Tag was pushed more recently Image has similar size Image has same number of vulnerabilities Image contains similar number of packages Image details: Size: 42 MB Flavor: alpine OS: 3.22 Runtime: 8.4.11	2 weeks ago
8.4-alpine3.21 Minor runtime version update Also known as: 8.4.11-cli-alpine3.21 8.4-cli-alpine3.21 8-cli-alpine3.21 cli-alpine3.21 alpine3.21 8.4.11-alpine3.21 8-alpine3.21	Benefits: Same OS detected Minor runtime version update Tag was pushed more recently Image has similar size Image has same number of vulnerabilities Image contains equal number of packages Image details: Size: 42 MB Flavor: alpine OS: 3.21 Runtime: 8.4.11	2 weeks ago
8.3-alpine Minor runtime version update Also known as: 8.3.24-cli-alpine 8.3.24-cli-alpine3.22 8.3-cli-alpine 8.3-cli-alpine3.22 8.3.24-alpine 8.3.24-alpine3.22 8.3-alpine3.22	Benefits: Same OS detected Minor runtime version update Tag was pushed more recently Image has similar size Image has same number of vulnerabilities Image contains similar number of packages Image details: Size: 37 MB Flavor: alpine OS: 3.22 Runtime: 8.3.24	2 weeks ago
8.3-alpine3.21 Minor runtime version update Also known as: 8.3.24-cli-alpine3.21 8.3-cli-alpine3.21 8.3.24-alpine3.21	Benefits: Same OS detected Minor runtime version update Tag was pushed more recently Image has similar size Image has same number of vulnerabilities Image contains equal number of packages Image details: Size: 37 MB Flavor: alpine OS: 3.21 Runtime: 8.3.24	2 weeks ago
8.2-alpine Minor runtime version update Also known as: 8.2.29-cli-alpine 8.2.29-cli-alpine3.22 8.2-cli-alpine 8.2-cli-alpine3.22 8.2.29-alpine 8.2.29-alpine3.22 8.2-alpine3.22	Benefits: Same OS detected Minor runtime version update Image has similar size Image has same number of vulnerabilities Image contains similar number of packages 8.2-alpine was pulled 1.8K times last month Image details: Size: 37 MB Flavor: alpine OS: 3.22 Runtime: 8.2.29	2 weeks ago
8.2-alpine3.21 Minor runtime version update Also known as: 8.2.29-cli-alpine3.21 8.2-cli-alpine3.21 8.2.29-alpine3.21	Benefits: Same OS detected Minor runtime version update Image has similar size Image has same number of vulnerabilities Image contains equal number of packages Image details: Size: 36 MB Flavor: alpine OS: 3.21 Runtime: 8.2.29	2 weeks ago

[github-actions]

Recommended fixes for image wayofdev/php-base:latest

Base image is php:8-alpine

Name	8.4.11-alpine3.22
Digest	sha256:4ff5194e9fa697591425fa74e939879cde8c0d0da6a53b4b247cc47f43eb7d91
Vulnerabilities
Pushed	2 weeks ago
Size	42 MB
Packages	60
Flavor	alpine
OS	3.22
Runtime	8.4.11

The base image is also available under the supported tag(s): 8-alpine3.22, 8-cli-alpine, 8-cli-alpine3.22, 8.4-alpine, 8.4-alpine3.22, 8.4-cli-alpine, 8.4-cli-alpine3.22, 8.4.11-alpine, 8.4.11-alpine3.22, 8.4.11-cli-alpine, 8.4.11-cli-alpine3.22, alpine, alpine3.22, cli-alpine, cli-alpine3.22

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.