Skip to content

deps(deps): update davidanson/markdownlint-cli2-action action to v18 #62

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 16, 2024
Merged

deps(deps): update davidanson/markdownlint-cli2-action action to v18 #62

merged 1 commit into from
Nov 16, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Nov 15, 2024

This PR contains the following updates:

Package Type Update Change
DavidAnson/markdownlint-cli2-action action major v17.0.0 -> v18.0.0

Release Notes

DavidAnson/markdownlint-cli2-action (DavidAnson/markdownlint-cli2-action)

v18.0.0: Update markdownlint version (markdownlint-cli2 v0.15.0, markdownlint v0.36.1).

Compare Source

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot enabled auto-merge (squash) November 15, 2024 04:56
@renovate renovate bot requested a review from lotyp as a code owner November 15, 2024 04:56
@github-actions github-actions bot added the type: maintenance For maintenance, refactor and testing (perf, chore, style, revert, refactor, test, build, ci) label Nov 15, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 15, 2024
edited
Loading

Outdated

🔍 Vulnerabilities of debian:11

📦 Image Reference debian:11
digestsha256:8ab4832d334232b40d75b03976154b9f657d0632d4a01ae4ec6517f53a83b467
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
size61 MB
packages139

3 similar comments
@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 15, 2024
edited
Loading

Outdated

🔍 Vulnerabilities of debian:11

📦 Image Reference debian:11
digestsha256:8ab4832d334232b40d75b03976154b9f657d0632d4a01ae4ec6517f53a83b467
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
size61 MB
packages139

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 15, 2024
edited
Loading

Outdated

🔍 Vulnerabilities of debian:11

📦 Image Reference debian:11
digestsha256:8ab4832d334232b40d75b03976154b9f657d0632d4a01ae4ec6517f53a83b467
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
size61 MB
packages139

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 15, 2024
edited
Loading

Outdated

🔍 Vulnerabilities of debian:11

📦 Image Reference debian:11
digestsha256:8ab4832d334232b40d75b03976154b9f657d0632d4a01ae4ec6517f53a83b467
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
size61 MB
packages139

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:5c217732f3598ff487ad86c0072027b8f0cf49af22452682e60f3397e9b90cf2
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size106 MB
packages230
📦 Base Image php:305d89fe8b211fcfef3850d82d07db263ee9b4e1867712f634bf1cb10032a8ba
also known as
  • 8.2-fpm-alpine
  • 8.2-fpm-alpine3.20
  • 8.2.25-fpm-alpine
  • 8.2.25-fpm-alpine3.20
digestsha256:284202dd6e14e0d426de35ad8a4f96774321a754037204d92f8492b15bd673b3
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/stdlib@1.22.5

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile57th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8.2-fpm-alpine

Name8.2.25-fpm-alpine3.20
Digestsha256:284202dd6e14e0d426de35ad8a4f96774321a754037204d92f8492b15bd673b3
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed3 weeks ago
Size34 MB
Packages51
Flavoralpine
OS3.20
Runtime8.2.25
The base image is also available under the supported tag(s): 8.2-fpm-alpine3.20, 8.2.25-fpm-alpine, 8.2.25-fpm-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.3-fpm-alpine
Image has same number of vulnerabilities
Also known as:
  • 8.3.13-fpm-alpine
  • 8.3.13-fpm-alpine3.20
  • 8.3-fpm-alpine3.20
  • 8-fpm-alpine
  • 8-fpm-alpine3.20
  • fpm-alpine
  • fpm-alpine3.20
 Benefits:
  • Same OS detected
  • Tag was pushed more recently
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
Image details:
  • Size: 35 MB
  • Flavor: alpine
  • OS: 3.20
 3 weeks ago



@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:c147af8344361b8c25153a0f0b3cb3171ab4b0cc2377c79b2cdaadcfdd420440
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size129 MB
packages247
📦 Base Image php:8-alpine
also known as
  • 8-alpine3.20
  • 8-cli-alpine
  • 8-cli-alpine3.20
  • 8.3-alpine
  • 8.3-alpine3.20
  • 8.3-cli-alpine
  • 8.3-cli-alpine3.20
  • 8.3.13-alpine
  • 8.3.13-alpine3.20
  • 8.3.13-cli-alpine
  • 8.3.13-cli-alpine3.20
  • 84d7c92b0f7c436866ace80016292070a2ee245e160a4f0e3b4f1dc768c40182
  • alpine
  • alpine3.20
  • cli-alpine
  • cli-alpine3.20
digestsha256:9acba884b0307547bc35a181a1c83902efdbd4f93a1a56766f2e31ac75ca3cc8
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/stdlib@1.22.5

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile57th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:c87ed4d516c34766ed6326401214f3bb42ae666f8dfe86ef094a0a102c66d225
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size110 MB
packages229
📦 Base Image php:8.2-alpine
also known as
  • 8.2-alpine3.20
  • 8.2-cli-alpine
  • 8.2-cli-alpine3.20
  • 8.2.25-alpine
  • 8.2.25-alpine3.20
  • 8.2.25-cli-alpine
  • 8.2.25-cli-alpine3.20
  • cb29fce029e5824e8905a5d3dd097bb1591ba4d007236a8d8d9cb1babdd11acd
digestsha256:199d77d39c430fec4b7fd53eba9a3df2c509a08d982a87ab08d6a7569e99cbfe
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/stdlib@1.22.5

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile57th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8.2-alpine

Name8.2.25-alpine3.20
Digestsha256:199d77d39c430fec4b7fd53eba9a3df2c509a08d982a87ab08d6a7569e99cbfe
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed3 weeks ago
Size38 MB
Packages50
Flavoralpine
OS3.20
Runtime8.2.25
The base image is also available under the supported tag(s): 8.2-alpine3.20, 8.2-cli-alpine, 8.2-cli-alpine3.20, 8.2.25-alpine, 8.2.25-alpine3.20, 8.2.25-cli-alpine, 8.2.25-cli-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.3-alpine
Minor runtime version update
Also known as:
  • 8.3.13-cli-alpine
  • 8.3.13-cli-alpine3.20
  • 8.3-cli-alpine
  • 8.3-cli-alpine3.20
  • 8-cli-alpine
  • 8-cli-alpine3.20
  • cli-alpine
  • cli-alpine3.20
  • alpine
  • alpine3.20
  • 8.3.13-alpine
  • 8.3.13-alpine3.20
  • 8.3-alpine3.20
  • 8-alpine
  • 8-alpine3.20
 Benefits:
  • Same OS detected
  • Minor runtime version update
  • Tag was pushed more recently
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
Image details:
  • Size: 39 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.3.13
 3 weeks ago



@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8-alpine

Name8.3.13-alpine3.20
Digestsha256:9acba884b0307547bc35a181a1c83902efdbd4f93a1a56766f2e31ac75ca3cc8
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed3 weeks ago
Size39 MB
Packages50
Flavoralpine
OS3.20
Runtime8.3.13
The base image is also available under the supported tag(s): 8-alpine3.20, 8-cli-alpine, 8-cli-alpine3.20, 8.3-alpine, 8.3-alpine3.20, 8.3-cli-alpine, 8.3-cli-alpine3.20, 8.3.13-alpine, 8.3.13-alpine3.20, 8.3.13-cli-alpine, 8.3.13-cli-alpine3.20, alpine, alpine3.20, cli-alpine, cli-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:9a50eb95510323cfc10f789dfe539081185e7a75e7d8d185339b3544ee8344b4
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size111 MB
packages229
📦 Base Image php:8-alpine
also known as
  • 8-alpine3.20
  • 8-cli-alpine
  • 8-cli-alpine3.20
  • 8.3-alpine
  • 8.3-alpine3.20
  • 8.3-cli-alpine
  • 8.3-cli-alpine3.20
  • 8.3.13-alpine
  • 8.3.13-alpine3.20
  • 8.3.13-cli-alpine
  • 8.3.13-cli-alpine3.20
  • 84d7c92b0f7c436866ace80016292070a2ee245e160a4f0e3b4f1dc768c40182
  • alpine
  • alpine3.20
  • cli-alpine
  • cli-alpine3.20
digestsha256:9acba884b0307547bc35a181a1c83902efdbd4f93a1a56766f2e31ac75ca3cc8
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/stdlib@1.22.5

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile57th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:1b628c45dda041ca2ae1fd0b2d2d59f89b12e77a33c894b102a331a8e90e588a
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size128 MB
packages247
📦 Base Image php:8.2-alpine
also known as
  • 8.2-alpine3.20
  • 8.2-cli-alpine
  • 8.2-cli-alpine3.20
  • 8.2.25-alpine
  • 8.2.25-alpine3.20
  • 8.2.25-cli-alpine
  • 8.2.25-cli-alpine3.20
  • cb29fce029e5824e8905a5d3dd097bb1591ba4d007236a8d8d9cb1babdd11acd
digestsha256:199d77d39c430fec4b7fd53eba9a3df2c509a08d982a87ab08d6a7569e99cbfe
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/stdlib@1.22.5

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile57th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8-alpine

Name8.3.13-alpine3.20
Digestsha256:9acba884b0307547bc35a181a1c83902efdbd4f93a1a56766f2e31ac75ca3cc8
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed3 weeks ago
Size39 MB
Packages50
Flavoralpine
OS3.20
Runtime8.3.13
The base image is also available under the supported tag(s): 8-alpine3.20, 8-cli-alpine, 8-cli-alpine3.20, 8.3-alpine, 8.3-alpine3.20, 8.3-cli-alpine, 8.3-cli-alpine3.20, 8.3.13-alpine, 8.3.13-alpine3.20, 8.3.13-cli-alpine, 8.3.13-cli-alpine3.20, alpine, alpine3.20, cli-alpine, cli-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:ba075d0bed6721f0c666e0fecf508d600d00d6de420a15814245886c924a7769
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size106 MB
packages230
📦 Base Image oisupport/staging-amd64:59afe80fd730aab04813365a55dc2f41ec965267ca578f3c644bedf86ddafd0d
also known as
  • 8-fpm-alpine
  • 8-fpm-alpine3.20
  • 8.3-fpm-alpine
  • 8.3-fpm-alpine3.20
  • 8.3.13-fpm-alpine
  • 8.3.13-fpm-alpine3.20
  • fpm-alpine
  • fpm-alpine3.20
digestsha256:62b34bff310c94035a3b9de46231234155c033cd5b96043c8a37e8ad74f6b658
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/stdlib@1.22.5

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile57th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8.2-alpine

Name8.2.25-alpine3.20
Digestsha256:199d77d39c430fec4b7fd53eba9a3df2c509a08d982a87ab08d6a7569e99cbfe
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed3 weeks ago
Size38 MB
Packages50
Flavoralpine
OS3.20
Runtime8.2.25
The base image is also available under the supported tag(s): 8.2-alpine3.20, 8.2-cli-alpine, 8.2-cli-alpine3.20, 8.2.25-alpine, 8.2.25-alpine3.20, 8.2.25-cli-alpine, 8.2.25-cli-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.3-alpine
Minor runtime version update
Also known as:
  • 8.3.13-cli-alpine
  • 8.3.13-cli-alpine3.20
  • 8.3-cli-alpine
  • 8.3-cli-alpine3.20
  • 8-cli-alpine
  • 8-cli-alpine3.20
  • cli-alpine
  • cli-alpine3.20
  • alpine
  • alpine3.20
  • 8.3.13-alpine
  • 8.3.13-alpine3.20
  • 8.3-alpine3.20
  • 8-alpine
  • 8-alpine3.20
 Benefits:
  • Same OS detected
  • Minor runtime version update
  • Tag was pushed more recently
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
Image details:
  • Size: 39 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.3.13
 3 weeks ago



@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:5eeeb2aec47f657df75762ee2608b42acd74a131a208b720e1729a21732420bf
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size128 MB
packages247
📦 Base Image php:8.1-alpine
also known as
  • 8.1-alpine3.20
  • 8.1-cli-alpine
  • 8.1-cli-alpine3.20
  • 8.1.30-alpine
  • 8.1.30-alpine3.20
  • 8.1.30-cli-alpine
  • 8.1.30-cli-alpine3.20
  • bcf44bed7d318c64227bc16f8def338e38acee3fc90237a1351a698d0e95e779
digestsha256:e31a1369d8593b383bb3e2e87d116de58902899afbe8477c4feb9be5e8f88801
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/stdlib@1.22.5

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile57th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is :59afe80fd730aab04813365a55dc2f41ec965267ca578f3c644bedf86ddafd0d

Digest
Vulnerabilities
Size0 B
Packages0

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8.1-alpine

Name8.1.30-alpine3.20
Digestsha256:e31a1369d8593b383bb3e2e87d116de58902899afbe8477c4feb9be5e8f88801
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed1 month ago
Size38 MB
Packages50
Flavoralpine
OS3.20
Runtime8.1.30
The base image is also available under the supported tag(s): 8.1-alpine3.20, 8.1-cli-alpine, 8.1-cli-alpine3.20, 8.1.30-alpine, 8.1.30-alpine3.20, 8.1.30-cli-alpine, 8.1.30-cli-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.3-alpine
Minor runtime version update
Also known as:
  • 8.3.13-cli-alpine
  • 8.3.13-cli-alpine3.20
  • 8.3-cli-alpine
  • 8.3-cli-alpine3.20
  • 8-cli-alpine
  • 8-cli-alpine3.20
  • cli-alpine
  • cli-alpine3.20
  • alpine
  • alpine3.20
  • 8.3.13-alpine
  • 8.3.13-alpine3.20
  • 8.3-alpine3.20
  • 8-alpine
  • 8-alpine3.20
 Benefits:
  • Same OS detected
  • Minor runtime version update
  • Tag was pushed more recently
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
Image details:
  • Size: 39 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.3.13
 3 weeks ago



8.2-alpine
Minor runtime version update
Also known as:
  • 8.2.25-cli-alpine
  • 8.2.25-cli-alpine3.20
  • 8.2-cli-alpine
  • 8.2-cli-alpine3.20
  • 8.2.25-alpine
  • 8.2.25-alpine3.20
  • 8.2-alpine3.20
 Benefits:
  • Same OS detected
  • Minor runtime version update
  • Tag was pushed more recently
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
  • 8.2-alpine was pulled 1.8K times last month
Image details:
  • Size: 38 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.2.25
 3 weeks ago



@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:b76d38d56c833fd2c3c1146638f7ce6ff635f5154d4899e8dfa79d1e5eee489f
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size109 MB
packages229
📦 Base Image php:8.1-alpine
also known as
  • 8.1-alpine3.20
  • 8.1-cli-alpine
  • 8.1-cli-alpine3.20
  • 8.1.30-alpine
  • 8.1.30-alpine3.20
  • 8.1.30-cli-alpine
  • 8.1.30-cli-alpine3.20
  • bcf44bed7d318c64227bc16f8def338e38acee3fc90237a1351a698d0e95e779
digestsha256:e31a1369d8593b383bb3e2e87d116de58902899afbe8477c4feb9be5e8f88801
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/stdlib@1.22.5

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile57th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 16, 2024
edited
Loading

Outdated

Recommended fixes for image wayofdev/php-dev:latest

Base image is php:8.1-alpine

Name8.1.30-alpine3.20
Digestsha256:e31a1369d8593b383bb3e2e87d116de58902899afbe8477c4feb9be5e8f88801
Vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
Pushed1 month ago
Size38 MB
Packages50
Flavoralpine
OS3.20
Runtime8.1.30
The base image is also available under the supported tag(s): 8.1-alpine3.20, 8.1-cli-alpine, 8.1-cli-alpine3.20, 8.1.30-alpine, 8.1.30-alpine3.20, 8.1.30-cli-alpine, 8.1.30-cli-alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

TagDetailsPushedVulnerabilities
8.3-alpine
Minor runtime version update
Also known as:
  • 8.3.13-cli-alpine
  • 8.3.13-cli-alpine3.20
  • 8.3-cli-alpine
  • 8.3-cli-alpine3.20
  • 8-cli-alpine
  • 8-cli-alpine3.20
  • cli-alpine
  • cli-alpine3.20
  • alpine
  • alpine3.20
  • 8.3.13-alpine
  • 8.3.13-alpine3.20
  • 8.3-alpine3.20
  • 8-alpine
  • 8-alpine3.20
 Benefits:
  • Same OS detected
  • Minor runtime version update
  • Tag was pushed more recently
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
Image details:
  • Size: 39 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.3.13
 3 weeks ago



8.2-alpine
Minor runtime version update
Also known as:
  • 8.2.25-cli-alpine
  • 8.2.25-cli-alpine3.20
  • 8.2-cli-alpine
  • 8.2-cli-alpine3.20
  • 8.2.25-alpine
  • 8.2.25-alpine3.20
  • 8.2-alpine3.20
 Benefits:
  • Same OS detected
  • Minor runtime version update
  • Tag was pushed more recently
  • Image has similar size
  • Image has same number of vulnerabilities
  • Image contains equal number of packages
  • 8.2-alpine was pulled 1.8K times last month
Image details:
  • Size: 38 MB
  • Flavor: alpine
  • OS: 3.20
  • Runtime: 8.2.25
 3 weeks ago



@github-actions GitHub Actions
Copy link

🔍 Vulnerabilities of wayofdev/php-dev:latest

📦 Image Reference wayofdev/php-dev:latest
digestsha256:e09fd183c692ae68727935c44ae000ff90e53e2d2be10b72141bae4cc6b98e7d
vulnerabilitiescritical: 0 high: 3 medium: 0 low: 0
size105 MB
packages230
📦 Base Image oisupport/staging-amd64:77ec3a73969f4535569eb3a36b8ddb8f55403736054094060fa6bce51a0018cc
also known as
  • 8.1-fpm-alpine
  • 8.1-fpm-alpine3.20
  • 8.1.30-fpm-alpine
  • 8.1.30-fpm-alpine3.20
digestsha256:e6936df453823a08cbb2d0f25aa710077d8eff235c69dd4ee0869184660bd1c9
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 3 medium: 0 low: 0 stdlib 1.22.5 (golang)

pkg:golang/stdlib@1.22.5

high : CVE--2024--34158

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

high : CVE--2024--34156

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.04%
EPSS Percentile17th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

high : CVE--2022--30635

Affected range<1.22.7
Fixed version1.22.7
EPSS Score0.19%
EPSS Percentile57th percentile
Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

@github-actions GitHub Actions
Copy link

Recommended fixes for image wayofdev/php-dev:latest

Base image is :77ec3a73969f4535569eb3a36b8ddb8f55403736054094060fa6bce51a0018cc

Digest
Vulnerabilities
Size0 B
Packages0

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

@way-finder-bot way-finder-bot self-requested a review November 16, 2024 09:11
@way-finder-bot way-finder-bot self-assigned this Nov 16, 2024
@renovate renovate bot merged commit 18dbf43 into master Nov 16, 2024
17 checks passed
@renovate renovate bot deleted the renovate/davidanson-markdownlint-cli2-action-18.x branch November 16, 2024 09:11
@lotyp lotyp mentioned this pull request Nov 16, 2024
Merged
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@way-finder-bot way-finder-bot way-finder-bot approved these changes

@lotyp lotyp Awaiting requested review from lotyp lotyp is a code owner

Assignees

@way-finder-bot way-finder-bot

Labels
type: maintenance For maintenance, refactor and testing (perf, chore, style, revert, refactor, test, build, ci)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@way-finder-bot