ci: refactor build workflows #565

sjinks · 2023-10-30T06:17:31Z

Refactor CI workflows to avoid unnecessary code duplication
Add security scan (Run security scan on Docker images #239)
Fix bugs (ci: fix version extraction regexp #563)

Supersedes: #563
Supersedes: #239

github-actions · 2023-10-30T06:43:27Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/alpine:3.18.4 (alpine 3.18.4)

Vulnerabilities

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libcrypto3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363
libssl3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363

Misconfigurations

No misconfigurations found.

github-actions · 2023-10-30T06:50:31Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/dev-tools:0.9 (alpine 3.18.4)

Vulnerabilities

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libcrypto3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363
libssl3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363

Misconfigurations

No misconfigurations found.

github-actions · 2023-10-30T06:59:03Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/mu-plugins:0.1 (alpine 3.18.4)

Vulnerabilities

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libcrypto3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363
libssl3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363

Misconfigurations

No misconfigurations found.

github-actions · 2023-10-30T07:01:02Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/nginx:1.25.2 (alpine 3.18.4)

Vulnerabilities

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libcrypto3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363
libssl3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363

Misconfigurations

No misconfigurations found.

github-actions · 2023-10-30T07:10:24Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/skeleton:latest (alpine 3.18.4)

Vulnerabilities

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libcrypto3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363
libssl3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363

Misconfigurations

No misconfigurations found.

github-actions · 2023-10-30T07:13:16Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/photon:latest (alpine 3.18.4)

Vulnerabilities

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libcrypto3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363
libssl3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363

Misconfigurations

No misconfigurations found.

github-actions · 2023-10-30T07:27:42Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/php-fpm:8.0 (ubuntu 22.04)

Vulnerabilities

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
bash	CVE-2022-3715	LOW	5.1-6ubuntu1		https://avd.aquasec.com/nvd/cve-2022-3715
coreutils	CVE-2016-2781	LOW	8.32-4.1ubuntu1		https://avd.aquasec.com/nvd/cve-2016-2781
dbus	CVE-2023-34969	LOW	1.12.20-2ubuntu4.1		https://avd.aquasec.com/nvd/cve-2023-34969
dirmngr	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gcc-12-base	CVE-2022-27943	LOW	12.3.0-1ubuntu1~22.04		https://avd.aquasec.com/nvd/cve-2022-27943
git	CVE-2018-1000021	LOW	1:2.34.1-1ubuntu1.10		https://avd.aquasec.com/nvd/cve-2018-1000021
git-man	CVE-2018-1000021	LOW	1:2.34.1-1ubuntu1.10		https://avd.aquasec.com/nvd/cve-2018-1000021
gnupg	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gnupg-l10n	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gnupg-utils	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpg	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpg-agent	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpg-wks-client	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpg-wks-server	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpgconf	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpgsm	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpgv	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
libapparmor1	CVE-2016-1585	MEDIUM	3.0.4-2ubuntu2.2		https://avd.aquasec.com/nvd/cve-2016-1585
libavahi-client3	CVE-2023-38469	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38469
libavahi-client3	CVE-2023-38470	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38470
libavahi-client3	CVE-2023-38471	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38471
libavahi-client3	CVE-2023-38472	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38472
libavahi-client3	CVE-2023-38473	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38473
libavahi-common-data	CVE-2023-38469	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38469
libavahi-common-data	CVE-2023-38470	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38470
libavahi-common-data	CVE-2023-38471	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38471
libavahi-common-data	CVE-2023-38472	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38472
libavahi-common-data	CVE-2023-38473	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38473
libavahi-common3	CVE-2023-38469	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38469
libavahi-common3	CVE-2023-38470	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38470
libavahi-common3	CVE-2023-38471	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38471
libavahi-common3	CVE-2023-38472	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38472
libavahi-common3	CVE-2023-38473	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38473
libc-bin	CVE-2023-5156	MEDIUM	2.35-0ubuntu3.4		https://avd.aquasec.com/nvd/cve-2023-5156
libc-bin	CVE-2016-20013	LOW	2.35-0ubuntu3.4		https://avd.aquasec.com/nvd/cve-2016-20013
libc6	CVE-2023-5156	MEDIUM	2.35-0ubuntu3.4		https://avd.aquasec.com/nvd/cve-2023-5156
libc6	CVE-2016-20013	LOW	2.35-0ubuntu3.4		https://avd.aquasec.com/nvd/cve-2016-20013
libdbus-1-3	CVE-2023-34969	LOW	1.12.20-2ubuntu4.1		https://avd.aquasec.com/nvd/cve-2023-34969
libgcc-s1	CVE-2022-27943	LOW	12.3.0-1ubuntu1~22.04		https://avd.aquasec.com/nvd/cve-2022-27943
libgd3	CVE-2021-40812	LOW	2.3.3-9+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2021-40812
libgomp1	CVE-2022-27943	LOW	12.3.0-1ubuntu1~22.04		https://avd.aquasec.com/nvd/cve-2022-27943
libgraphicsmagick-q16-3	CVE-2017-13736	LOW	1.4+really1.3.38-1ubuntu0.1		https://avd.aquasec.com/nvd/cve-2017-13736
libgssapi-krb5-2	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2		https://avd.aquasec.com/nvd/cve-2023-36054
libheif1	CVE-2023-0996	MEDIUM	1.12.0-2build1		https://avd.aquasec.com/nvd/cve-2023-0996
libjbig2dec0	CVE-2017-9216	LOW	0.19-3build2		https://avd.aquasec.com/nvd/cve-2017-9216
libk5crypto3	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2		https://avd.aquasec.com/nvd/cve-2023-36054
libkrb5-3	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2		https://avd.aquasec.com/nvd/cve-2023-36054
libkrb5support0	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2		https://avd.aquasec.com/nvd/cve-2023-36054
libldap-2.5-0	CVE-2023-2953	LOW	2.5.16+dfsg-0ubuntu0.22.04.1		https://avd.aquasec.com/nvd/cve-2023-2953
liblzma5	CVE-2020-22916	MEDIUM	5.2.5-2ubuntu1		https://avd.aquasec.com/nvd/cve-2020-22916
libopenjp2-7	CVE-2019-6988	LOW	2.4.0-6		https://avd.aquasec.com/nvd/cve-2019-6988
libopenjp2-7	CVE-2021-29338	LOW	2.4.0-6		https://avd.aquasec.com/nvd/cve-2021-29338
libopenjp2-7	CVE-2021-3575	LOW	2.4.0-6		https://avd.aquasec.com/nvd/cve-2021-3575
libpcre3	CVE-2017-11164	LOW	2:8.39-13ubuntu0.22.04.1		https://avd.aquasec.com/nvd/cve-2017-11164
libperl5.34	CVE-2022-48522	MEDIUM	5.34.0-3ubuntu1.2		https://avd.aquasec.com/nvd/cve-2022-48522
libpng16-16	CVE-2022-3857	LOW	1.6.37-3build5		https://avd.aquasec.com/nvd/cve-2022-3857
libprocps8	CVE-2023-4016	LOW	2:3.3.17-6ubuntu2		https://avd.aquasec.com/nvd/cve-2023-4016
libpython3.10	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.2		https://avd.aquasec.com/nvd/cve-2023-27043
libpython3.10-minimal	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.2		https://avd.aquasec.com/nvd/cve-2023-27043
libpython3.10-stdlib	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.2		https://avd.aquasec.com/nvd/cve-2023-27043
libsqlite3-0	CVE-2022-46908	LOW	3.37.2-2ubuntu0.1		https://avd.aquasec.com/nvd/cve-2022-46908
libssl3	CVE-2023-5363	MEDIUM	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12	https://avd.aquasec.com/nvd/cve-2023-5363
libssl3	CVE-2023-2975	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12	https://avd.aquasec.com/nvd/cve-2023-2975
libssl3	CVE-2023-3446	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12	https://avd.aquasec.com/nvd/cve-2023-3446
libssl3	CVE-2023-3817	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12	https://avd.aquasec.com/nvd/cve-2023-3817
libstdc++6	CVE-2022-27943	LOW	12.3.0-1ubuntu1~22.04		https://avd.aquasec.com/nvd/cve-2022-27943
libtiff5	CVE-2018-10126	LOW	4.3.0-6ubuntu0.6		https://avd.aquasec.com/nvd/cve-2018-10126
libtiff5	CVE-2023-3164	LOW	4.3.0-6ubuntu0.6		https://avd.aquasec.com/nvd/cve-2023-3164
libtiff5	CVE-2023-3576	LOW	4.3.0-6ubuntu0.6		https://avd.aquasec.com/nvd/cve-2023-3576
libzstd1	CVE-2022-4899	LOW	1.4.8+dfsg-3build1		https://avd.aquasec.com/nvd/cve-2022-4899
login	CVE-2023-29383	LOW	1:4.8.1-2ubuntu2.1		https://avd.aquasec.com/nvd/cve-2023-29383
openssh-client	CVE-2023-28531	LOW	1:8.9p1-3ubuntu0.4		https://avd.aquasec.com/nvd/cve-2023-28531
passwd	CVE-2023-29383	LOW	1:4.8.1-2ubuntu2.1		https://avd.aquasec.com/nvd/cve-2023-29383
patch	CVE-2018-6952	LOW	2.7.6-7build2		https://avd.aquasec.com/nvd/cve-2018-6952
patch	CVE-2021-45261	LOW	2.7.6-7build2		https://avd.aquasec.com/nvd/cve-2021-45261
perl	CVE-2022-48522	MEDIUM	5.34.0-3ubuntu1.2		https://avd.aquasec.com/nvd/cve-2022-48522
perl-base	CVE-2022-48522	MEDIUM	5.34.0-3ubuntu1.2		https://avd.aquasec.com/nvd/cve-2022-48522
perl-modules-5.34	CVE-2022-48522	MEDIUM	5.34.0-3ubuntu1.2		https://avd.aquasec.com/nvd/cve-2022-48522
php-pear	CVE-2014-5459	LOW	1:1.10.12+submodules+notgz+20210212-1ubuntu3		https://avd.aquasec.com/nvd/cve-2014-5459
php-pear	CVE-2017-5630	LOW	1:1.10.12+submodules+notgz+20210212-1ubuntu3		https://avd.aquasec.com/nvd/cve-2017-5630
procps	CVE-2023-4016	LOW	2:3.3.17-6ubuntu2		https://avd.aquasec.com/nvd/cve-2023-4016
vim	CVE-2022-1886	LOW	2:8.2.3995-1ubuntu2.13		https://avd.aquasec.com/nvd/cve-2022-1886
vim-common	CVE-2022-1886	LOW	2:8.2.3995-1ubuntu2.13		https://avd.aquasec.com/nvd/cve-2022-1886
vim-runtime	CVE-2022-1886	LOW	2:8.2.3995-1ubuntu2.13		https://avd.aquasec.com/nvd/cve-2022-1886
wget	CVE-2021-31879	MEDIUM	1.21.2-2ubuntu1		https://avd.aquasec.com/nvd/cve-2021-31879
xxd	CVE-2022-1886	LOW	2:8.2.3995-1ubuntu2.13		https://avd.aquasec.com/nvd/cve-2022-1886

Misconfigurations

No misconfigurations found.

github-actions · 2023-10-30T07:27:50Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/php-fpm:7.4 (ubuntu 22.04)

Vulnerabilities

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
bash	CVE-2022-3715	LOW	5.1-6ubuntu1		https://avd.aquasec.com/nvd/cve-2022-3715
coreutils	CVE-2016-2781	LOW	8.32-4.1ubuntu1		https://avd.aquasec.com/nvd/cve-2016-2781
dbus	CVE-2023-34969	LOW	1.12.20-2ubuntu4.1		https://avd.aquasec.com/nvd/cve-2023-34969
dirmngr	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gcc-12-base	CVE-2022-27943	LOW	12.3.0-1ubuntu1~22.04		https://avd.aquasec.com/nvd/cve-2022-27943
git	CVE-2018-1000021	LOW	1:2.34.1-1ubuntu1.10		https://avd.aquasec.com/nvd/cve-2018-1000021
git-man	CVE-2018-1000021	LOW	1:2.34.1-1ubuntu1.10		https://avd.aquasec.com/nvd/cve-2018-1000021
gnupg	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gnupg-l10n	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gnupg-utils	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpg	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpg-agent	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpg-wks-client	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpg-wks-server	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpgconf	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpgsm	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpgv	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
libapparmor1	CVE-2016-1585	MEDIUM	3.0.4-2ubuntu2.2		https://avd.aquasec.com/nvd/cve-2016-1585
libavahi-client3	CVE-2023-38469	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38469
libavahi-client3	CVE-2023-38470	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38470
libavahi-client3	CVE-2023-38471	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38471
libavahi-client3	CVE-2023-38472	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38472
libavahi-client3	CVE-2023-38473	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38473
libavahi-common-data	CVE-2023-38469	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38469
libavahi-common-data	CVE-2023-38470	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38470
libavahi-common-data	CVE-2023-38471	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38471
libavahi-common-data	CVE-2023-38472	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38472
libavahi-common-data	CVE-2023-38473	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38473
libavahi-common3	CVE-2023-38469	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38469
libavahi-common3	CVE-2023-38470	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38470
libavahi-common3	CVE-2023-38471	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38471
libavahi-common3	CVE-2023-38472	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38472
libavahi-common3	CVE-2023-38473	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38473
libc-bin	CVE-2023-5156	MEDIUM	2.35-0ubuntu3.4		https://avd.aquasec.com/nvd/cve-2023-5156
libc-bin	CVE-2016-20013	LOW	2.35-0ubuntu3.4		https://avd.aquasec.com/nvd/cve-2016-20013
libc6	CVE-2023-5156	MEDIUM	2.35-0ubuntu3.4		https://avd.aquasec.com/nvd/cve-2023-5156
libc6	CVE-2016-20013	LOW	2.35-0ubuntu3.4		https://avd.aquasec.com/nvd/cve-2016-20013
libdbus-1-3	CVE-2023-34969	LOW	1.12.20-2ubuntu4.1		https://avd.aquasec.com/nvd/cve-2023-34969
libgcc-s1	CVE-2022-27943	LOW	12.3.0-1ubuntu1~22.04		https://avd.aquasec.com/nvd/cve-2022-27943
libgd3	CVE-2021-40812	LOW	2.3.3-9+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2021-40812
libgomp1	CVE-2022-27943	LOW	12.3.0-1ubuntu1~22.04		https://avd.aquasec.com/nvd/cve-2022-27943
libgraphicsmagick-q16-3	CVE-2017-13736	LOW	1.4+really1.3.38-1ubuntu0.1		https://avd.aquasec.com/nvd/cve-2017-13736
libgssapi-krb5-2	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2		https://avd.aquasec.com/nvd/cve-2023-36054
libheif1	CVE-2023-0996	MEDIUM	1.12.0-2build1		https://avd.aquasec.com/nvd/cve-2023-0996
libjbig2dec0	CVE-2017-9216	LOW	0.19-3build2		https://avd.aquasec.com/nvd/cve-2017-9216
libk5crypto3	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2		https://avd.aquasec.com/nvd/cve-2023-36054
libkrb5-3	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2		https://avd.aquasec.com/nvd/cve-2023-36054
libkrb5support0	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2		https://avd.aquasec.com/nvd/cve-2023-36054
libldap-2.5-0	CVE-2023-2953	LOW	2.5.16+dfsg-0ubuntu0.22.04.1		https://avd.aquasec.com/nvd/cve-2023-2953
liblzma5	CVE-2020-22916	MEDIUM	5.2.5-2ubuntu1		https://avd.aquasec.com/nvd/cve-2020-22916
libopenjp2-7	CVE-2019-6988	LOW	2.4.0-6		https://avd.aquasec.com/nvd/cve-2019-6988
libopenjp2-7	CVE-2021-29338	LOW	2.4.0-6		https://avd.aquasec.com/nvd/cve-2021-29338
libopenjp2-7	CVE-2021-3575	LOW	2.4.0-6		https://avd.aquasec.com/nvd/cve-2021-3575
libpcre3	CVE-2017-11164	LOW	2:8.39-13ubuntu0.22.04.1		https://avd.aquasec.com/nvd/cve-2017-11164
libperl5.34	CVE-2022-48522	MEDIUM	5.34.0-3ubuntu1.2		https://avd.aquasec.com/nvd/cve-2022-48522
libpng16-16	CVE-2022-3857	LOW	1.6.37-3build5		https://avd.aquasec.com/nvd/cve-2022-3857
libprocps8	CVE-2023-4016	LOW	2:3.3.17-6ubuntu2		https://avd.aquasec.com/nvd/cve-2023-4016
libpython3.10	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.2		https://avd.aquasec.com/nvd/cve-2023-27043
libpython3.10-minimal	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.2		https://avd.aquasec.com/nvd/cve-2023-27043
libpython3.10-stdlib	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.2		https://avd.aquasec.com/nvd/cve-2023-27043
libsqlite3-0	CVE-2022-46908	LOW	3.37.2-2ubuntu0.1		https://avd.aquasec.com/nvd/cve-2022-46908
libssl3	CVE-2023-5363	MEDIUM	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12	https://avd.aquasec.com/nvd/cve-2023-5363
libssl3	CVE-2023-2975	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12	https://avd.aquasec.com/nvd/cve-2023-2975
libssl3	CVE-2023-3446	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12	https://avd.aquasec.com/nvd/cve-2023-3446
libssl3	CVE-2023-3817	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12	https://avd.aquasec.com/nvd/cve-2023-3817
libstdc++6	CVE-2022-27943	LOW	12.3.0-1ubuntu1~22.04		https://avd.aquasec.com/nvd/cve-2022-27943
libtiff5	CVE-2018-10126	LOW	4.3.0-6ubuntu0.6		https://avd.aquasec.com/nvd/cve-2018-10126
libtiff5	CVE-2023-3164	LOW	4.3.0-6ubuntu0.6		https://avd.aquasec.com/nvd/cve-2023-3164
libtiff5	CVE-2023-3576	LOW	4.3.0-6ubuntu0.6		https://avd.aquasec.com/nvd/cve-2023-3576
libzstd1	CVE-2022-4899	LOW	1.4.8+dfsg-3build1		https://avd.aquasec.com/nvd/cve-2022-4899
login	CVE-2023-29383	LOW	1:4.8.1-2ubuntu2.1		https://avd.aquasec.com/nvd/cve-2023-29383
openssh-client	CVE-2023-28531	LOW	1:8.9p1-3ubuntu0.4		https://avd.aquasec.com/nvd/cve-2023-28531
passwd	CVE-2023-29383	LOW	1:4.8.1-2ubuntu2.1		https://avd.aquasec.com/nvd/cve-2023-29383
patch	CVE-2018-6952	LOW	2.7.6-7build2		https://avd.aquasec.com/nvd/cve-2018-6952
patch	CVE-2021-45261	LOW	2.7.6-7build2		https://avd.aquasec.com/nvd/cve-2021-45261
perl	CVE-2022-48522	MEDIUM	5.34.0-3ubuntu1.2		https://avd.aquasec.com/nvd/cve-2022-48522
perl-base	CVE-2022-48522	MEDIUM	5.34.0-3ubuntu1.2		https://avd.aquasec.com/nvd/cve-2022-48522
perl-modules-5.34	CVE-2022-48522	MEDIUM	5.34.0-3ubuntu1.2		https://avd.aquasec.com/nvd/cve-2022-48522
php-pear	CVE-2014-5459	LOW	1:1.10.12+submodules+notgz+20210212-1ubuntu3		https://avd.aquasec.com/nvd/cve-2014-5459
php-pear	CVE-2017-5630	LOW	1:1.10.12+submodules+notgz+20210212-1ubuntu3		https://avd.aquasec.com/nvd/cve-2017-5630
procps	CVE-2023-4016	LOW	2:3.3.17-6ubuntu2		https://avd.aquasec.com/nvd/cve-2023-4016
vim	CVE-2022-1886	LOW	2:8.2.3995-1ubuntu2.13		https://avd.aquasec.com/nvd/cve-2022-1886
vim-common	CVE-2022-1886	LOW	2:8.2.3995-1ubuntu2.13		https://avd.aquasec.com/nvd/cve-2022-1886
vim-runtime	CVE-2022-1886	LOW	2:8.2.3995-1ubuntu2.13		https://avd.aquasec.com/nvd/cve-2022-1886
wget	CVE-2021-31879	MEDIUM	1.21.2-2ubuntu1		https://avd.aquasec.com/nvd/cve-2021-31879
xxd	CVE-2022-1886	LOW	2:8.2.3995-1ubuntu2.13		https://avd.aquasec.com/nvd/cve-2022-1886

Misconfigurations

No misconfigurations found.

github-actions · 2023-10-30T07:30:22Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/php-fpm:8.2 (ubuntu 22.04)

Vulnerabilities

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
bash	CVE-2022-3715	LOW	5.1-6ubuntu1		https://avd.aquasec.com/nvd/cve-2022-3715
coreutils	CVE-2016-2781	LOW	8.32-4.1ubuntu1		https://avd.aquasec.com/nvd/cve-2016-2781
dbus	CVE-2023-34969	LOW	1.12.20-2ubuntu4.1		https://avd.aquasec.com/nvd/cve-2023-34969
dirmngr	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gcc-12-base	CVE-2022-27943	LOW	12.3.0-1ubuntu1~22.04		https://avd.aquasec.com/nvd/cve-2022-27943
git	CVE-2018-1000021	LOW	1:2.34.1-1ubuntu1.10		https://avd.aquasec.com/nvd/cve-2018-1000021
git-man	CVE-2018-1000021	LOW	1:2.34.1-1ubuntu1.10		https://avd.aquasec.com/nvd/cve-2018-1000021
gnupg	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gnupg-l10n	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gnupg-utils	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpg	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpg-agent	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpg-wks-client	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpg-wks-server	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpgconf	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpgsm	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpgv	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
libapparmor1	CVE-2016-1585	MEDIUM	3.0.4-2ubuntu2.2		https://avd.aquasec.com/nvd/cve-2016-1585
libavahi-client3	CVE-2023-38469	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38469
libavahi-client3	CVE-2023-38470	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38470
libavahi-client3	CVE-2023-38471	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38471
libavahi-client3	CVE-2023-38472	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38472
libavahi-client3	CVE-2023-38473	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38473
libavahi-common-data	CVE-2023-38469	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38469
libavahi-common-data	CVE-2023-38470	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38470
libavahi-common-data	CVE-2023-38471	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38471
libavahi-common-data	CVE-2023-38472	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38472
libavahi-common-data	CVE-2023-38473	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38473
libavahi-common3	CVE-2023-38469	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38469
libavahi-common3	CVE-2023-38470	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38470
libavahi-common3	CVE-2023-38471	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38471
libavahi-common3	CVE-2023-38472	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38472
libavahi-common3	CVE-2023-38473	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38473
libc-bin	CVE-2023-5156	MEDIUM	2.35-0ubuntu3.4		https://avd.aquasec.com/nvd/cve-2023-5156
libc-bin	CVE-2016-20013	LOW	2.35-0ubuntu3.4		https://avd.aquasec.com/nvd/cve-2016-20013
libc6	CVE-2023-5156	MEDIUM	2.35-0ubuntu3.4		https://avd.aquasec.com/nvd/cve-2023-5156
libc6	CVE-2016-20013	LOW	2.35-0ubuntu3.4		https://avd.aquasec.com/nvd/cve-2016-20013
libdbus-1-3	CVE-2023-34969	LOW	1.12.20-2ubuntu4.1		https://avd.aquasec.com/nvd/cve-2023-34969
libgcc-s1	CVE-2022-27943	LOW	12.3.0-1ubuntu1~22.04		https://avd.aquasec.com/nvd/cve-2022-27943
libgd3	CVE-2021-40812	LOW	2.3.3-9+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2021-40812
libgomp1	CVE-2022-27943	LOW	12.3.0-1ubuntu1~22.04		https://avd.aquasec.com/nvd/cve-2022-27943
libgraphicsmagick-q16-3	CVE-2017-13736	LOW	1.4+really1.3.38-1ubuntu0.1		https://avd.aquasec.com/nvd/cve-2017-13736
libgssapi-krb5-2	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2		https://avd.aquasec.com/nvd/cve-2023-36054
libheif1	CVE-2023-0996	MEDIUM	1.12.0-2build1		https://avd.aquasec.com/nvd/cve-2023-0996
libjbig2dec0	CVE-2017-9216	LOW	0.19-3build2		https://avd.aquasec.com/nvd/cve-2017-9216
libk5crypto3	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2		https://avd.aquasec.com/nvd/cve-2023-36054
libkrb5-3	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2		https://avd.aquasec.com/nvd/cve-2023-36054
libkrb5support0	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2		https://avd.aquasec.com/nvd/cve-2023-36054
libldap-2.5-0	CVE-2023-2953	LOW	2.5.16+dfsg-0ubuntu0.22.04.1		https://avd.aquasec.com/nvd/cve-2023-2953
liblzma5	CVE-2020-22916	MEDIUM	5.2.5-2ubuntu1		https://avd.aquasec.com/nvd/cve-2020-22916
libopenjp2-7	CVE-2019-6988	LOW	2.4.0-6		https://avd.aquasec.com/nvd/cve-2019-6988
libopenjp2-7	CVE-2021-29338	LOW	2.4.0-6		https://avd.aquasec.com/nvd/cve-2021-29338
libopenjp2-7	CVE-2021-3575	LOW	2.4.0-6		https://avd.aquasec.com/nvd/cve-2021-3575
libpcre3	CVE-2017-11164	LOW	2:8.39-13ubuntu0.22.04.1		https://avd.aquasec.com/nvd/cve-2017-11164
libperl5.34	CVE-2022-48522	MEDIUM	5.34.0-3ubuntu1.2		https://avd.aquasec.com/nvd/cve-2022-48522
libpng16-16	CVE-2022-3857	LOW	1.6.37-3build5		https://avd.aquasec.com/nvd/cve-2022-3857
libprocps8	CVE-2023-4016	LOW	2:3.3.17-6ubuntu2		https://avd.aquasec.com/nvd/cve-2023-4016
libpython3.10	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.2		https://avd.aquasec.com/nvd/cve-2023-27043
libpython3.10-minimal	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.2		https://avd.aquasec.com/nvd/cve-2023-27043
libpython3.10-stdlib	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.2		https://avd.aquasec.com/nvd/cve-2023-27043
libsqlite3-0	CVE-2022-46908	LOW	3.37.2-2ubuntu0.1		https://avd.aquasec.com/nvd/cve-2022-46908
libssl3	CVE-2023-5363	MEDIUM	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12	https://avd.aquasec.com/nvd/cve-2023-5363
libssl3	CVE-2023-2975	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12	https://avd.aquasec.com/nvd/cve-2023-2975
libssl3	CVE-2023-3446	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12	https://avd.aquasec.com/nvd/cve-2023-3446
libssl3	CVE-2023-3817	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12	https://avd.aquasec.com/nvd/cve-2023-3817
libstdc++6	CVE-2022-27943	LOW	12.3.0-1ubuntu1~22.04		https://avd.aquasec.com/nvd/cve-2022-27943
libtiff5	CVE-2018-10126	LOW	4.3.0-6ubuntu0.6		https://avd.aquasec.com/nvd/cve-2018-10126
libtiff5	CVE-2023-3164	LOW	4.3.0-6ubuntu0.6		https://avd.aquasec.com/nvd/cve-2023-3164
libtiff5	CVE-2023-3576	LOW	4.3.0-6ubuntu0.6		https://avd.aquasec.com/nvd/cve-2023-3576
libzstd1	CVE-2022-4899	LOW	1.4.8+dfsg-3build1		https://avd.aquasec.com/nvd/cve-2022-4899
login	CVE-2023-29383	LOW	1:4.8.1-2ubuntu2.1		https://avd.aquasec.com/nvd/cve-2023-29383
openssh-client	CVE-2023-28531	LOW	1:8.9p1-3ubuntu0.4		https://avd.aquasec.com/nvd/cve-2023-28531
passwd	CVE-2023-29383	LOW	1:4.8.1-2ubuntu2.1		https://avd.aquasec.com/nvd/cve-2023-29383
patch	CVE-2018-6952	LOW	2.7.6-7build2		https://avd.aquasec.com/nvd/cve-2018-6952
patch	CVE-2021-45261	LOW	2.7.6-7build2		https://avd.aquasec.com/nvd/cve-2021-45261
perl	CVE-2022-48522	MEDIUM	5.34.0-3ubuntu1.2		https://avd.aquasec.com/nvd/cve-2022-48522
perl-base	CVE-2022-48522	MEDIUM	5.34.0-3ubuntu1.2		https://avd.aquasec.com/nvd/cve-2022-48522
perl-modules-5.34	CVE-2022-48522	MEDIUM	5.34.0-3ubuntu1.2		https://avd.aquasec.com/nvd/cve-2022-48522
php-pear	CVE-2014-5459	LOW	1:1.10.12+submodules+notgz+20210212-1ubuntu3		https://avd.aquasec.com/nvd/cve-2014-5459
php-pear	CVE-2017-5630	LOW	1:1.10.12+submodules+notgz+20210212-1ubuntu3		https://avd.aquasec.com/nvd/cve-2017-5630
procps	CVE-2023-4016	LOW	2:3.3.17-6ubuntu2		https://avd.aquasec.com/nvd/cve-2023-4016
vim	CVE-2022-1886	LOW	2:8.2.3995-1ubuntu2.13		https://avd.aquasec.com/nvd/cve-2022-1886
vim-common	CVE-2022-1886	LOW	2:8.2.3995-1ubuntu2.13		https://avd.aquasec.com/nvd/cve-2022-1886
vim-runtime	CVE-2022-1886	LOW	2:8.2.3995-1ubuntu2.13		https://avd.aquasec.com/nvd/cve-2022-1886
wget	CVE-2021-31879	MEDIUM	1.21.2-2ubuntu1		https://avd.aquasec.com/nvd/cve-2021-31879
xxd	CVE-2022-1886	LOW	2:8.2.3995-1ubuntu2.13		https://avd.aquasec.com/nvd/cve-2022-1886

Misconfigurations

No misconfigurations found.

github-actions · 2023-10-30T07:32:30Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/php-fpm:8.1 (ubuntu 22.04)

Vulnerabilities

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
bash	CVE-2022-3715	LOW	5.1-6ubuntu1		https://avd.aquasec.com/nvd/cve-2022-3715
coreutils	CVE-2016-2781	LOW	8.32-4.1ubuntu1		https://avd.aquasec.com/nvd/cve-2016-2781
dbus	CVE-2023-34969	LOW	1.12.20-2ubuntu4.1		https://avd.aquasec.com/nvd/cve-2023-34969
dirmngr	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gcc-12-base	CVE-2022-27943	LOW	12.3.0-1ubuntu1~22.04		https://avd.aquasec.com/nvd/cve-2022-27943
git	CVE-2018-1000021	LOW	1:2.34.1-1ubuntu1.10		https://avd.aquasec.com/nvd/cve-2018-1000021
git-man	CVE-2018-1000021	LOW	1:2.34.1-1ubuntu1.10		https://avd.aquasec.com/nvd/cve-2018-1000021
gnupg	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gnupg-l10n	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gnupg-utils	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpg	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpg-agent	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpg-wks-client	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpg-wks-server	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpgconf	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpgsm	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpgv	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
libapparmor1	CVE-2016-1585	MEDIUM	3.0.4-2ubuntu2.2		https://avd.aquasec.com/nvd/cve-2016-1585
libavahi-client3	CVE-2023-38469	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38469
libavahi-client3	CVE-2023-38470	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38470
libavahi-client3	CVE-2023-38471	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38471
libavahi-client3	CVE-2023-38472	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38472
libavahi-client3	CVE-2023-38473	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38473
libavahi-common-data	CVE-2023-38469	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38469
libavahi-common-data	CVE-2023-38470	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38470
libavahi-common-data	CVE-2023-38471	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38471
libavahi-common-data	CVE-2023-38472	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38472
libavahi-common-data	CVE-2023-38473	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38473
libavahi-common3	CVE-2023-38469	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38469
libavahi-common3	CVE-2023-38470	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38470
libavahi-common3	CVE-2023-38471	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38471
libavahi-common3	CVE-2023-38472	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38472
libavahi-common3	CVE-2023-38473	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38473
libc-bin	CVE-2023-5156	MEDIUM	2.35-0ubuntu3.4		https://avd.aquasec.com/nvd/cve-2023-5156
libc-bin	CVE-2016-20013	LOW	2.35-0ubuntu3.4		https://avd.aquasec.com/nvd/cve-2016-20013
libc6	CVE-2023-5156	MEDIUM	2.35-0ubuntu3.4		https://avd.aquasec.com/nvd/cve-2023-5156
libc6	CVE-2016-20013	LOW	2.35-0ubuntu3.4		https://avd.aquasec.com/nvd/cve-2016-20013
libdbus-1-3	CVE-2023-34969	LOW	1.12.20-2ubuntu4.1		https://avd.aquasec.com/nvd/cve-2023-34969
libgcc-s1	CVE-2022-27943	LOW	12.3.0-1ubuntu1~22.04		https://avd.aquasec.com/nvd/cve-2022-27943
libgd3	CVE-2021-40812	LOW	2.3.3-9+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2021-40812
libgomp1	CVE-2022-27943	LOW	12.3.0-1ubuntu1~22.04		https://avd.aquasec.com/nvd/cve-2022-27943
libgraphicsmagick-q16-3	CVE-2017-13736	LOW	1.4+really1.3.38-1ubuntu0.1		https://avd.aquasec.com/nvd/cve-2017-13736
libgssapi-krb5-2	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2		https://avd.aquasec.com/nvd/cve-2023-36054
libheif1	CVE-2023-0996	MEDIUM	1.12.0-2build1		https://avd.aquasec.com/nvd/cve-2023-0996
libjbig2dec0	CVE-2017-9216	LOW	0.19-3build2		https://avd.aquasec.com/nvd/cve-2017-9216
libk5crypto3	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2		https://avd.aquasec.com/nvd/cve-2023-36054
libkrb5-3	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2		https://avd.aquasec.com/nvd/cve-2023-36054
libkrb5support0	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2		https://avd.aquasec.com/nvd/cve-2023-36054
libldap-2.5-0	CVE-2023-2953	LOW	2.5.16+dfsg-0ubuntu0.22.04.1		https://avd.aquasec.com/nvd/cve-2023-2953
liblzma5	CVE-2020-22916	MEDIUM	5.2.5-2ubuntu1		https://avd.aquasec.com/nvd/cve-2020-22916
libopenjp2-7	CVE-2019-6988	LOW	2.4.0-6		https://avd.aquasec.com/nvd/cve-2019-6988
libopenjp2-7	CVE-2021-29338	LOW	2.4.0-6		https://avd.aquasec.com/nvd/cve-2021-29338
libopenjp2-7	CVE-2021-3575	LOW	2.4.0-6		https://avd.aquasec.com/nvd/cve-2021-3575
libpcre3	CVE-2017-11164	LOW	2:8.39-13ubuntu0.22.04.1		https://avd.aquasec.com/nvd/cve-2017-11164
libperl5.34	CVE-2022-48522	MEDIUM	5.34.0-3ubuntu1.2		https://avd.aquasec.com/nvd/cve-2022-48522
libpng16-16	CVE-2022-3857	LOW	1.6.37-3build5		https://avd.aquasec.com/nvd/cve-2022-3857
libprocps8	CVE-2023-4016	LOW	2:3.3.17-6ubuntu2		https://avd.aquasec.com/nvd/cve-2023-4016
libpython3.10	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.2		https://avd.aquasec.com/nvd/cve-2023-27043
libpython3.10-minimal	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.2		https://avd.aquasec.com/nvd/cve-2023-27043
libpython3.10-stdlib	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.2		https://avd.aquasec.com/nvd/cve-2023-27043
libsqlite3-0	CVE-2022-46908	LOW	3.37.2-2ubuntu0.1		https://avd.aquasec.com/nvd/cve-2022-46908
libssl3	CVE-2023-5363	MEDIUM	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12	https://avd.aquasec.com/nvd/cve-2023-5363
libssl3	CVE-2023-2975	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12	https://avd.aquasec.com/nvd/cve-2023-2975
libssl3	CVE-2023-3446	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12	https://avd.aquasec.com/nvd/cve-2023-3446
libssl3	CVE-2023-3817	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12	https://avd.aquasec.com/nvd/cve-2023-3817
libstdc++6	CVE-2022-27943	LOW	12.3.0-1ubuntu1~22.04		https://avd.aquasec.com/nvd/cve-2022-27943
libtiff5	CVE-2018-10126	LOW	4.3.0-6ubuntu0.6		https://avd.aquasec.com/nvd/cve-2018-10126
libtiff5	CVE-2023-3164	LOW	4.3.0-6ubuntu0.6		https://avd.aquasec.com/nvd/cve-2023-3164
libtiff5	CVE-2023-3576	LOW	4.3.0-6ubuntu0.6		https://avd.aquasec.com/nvd/cve-2023-3576
libzstd1	CVE-2022-4899	LOW	1.4.8+dfsg-3build1		https://avd.aquasec.com/nvd/cve-2022-4899
login	CVE-2023-29383	LOW	1:4.8.1-2ubuntu2.1		https://avd.aquasec.com/nvd/cve-2023-29383
openssh-client	CVE-2023-28531	LOW	1:8.9p1-3ubuntu0.4		https://avd.aquasec.com/nvd/cve-2023-28531
passwd	CVE-2023-29383	LOW	1:4.8.1-2ubuntu2.1		https://avd.aquasec.com/nvd/cve-2023-29383
patch	CVE-2018-6952	LOW	2.7.6-7build2		https://avd.aquasec.com/nvd/cve-2018-6952
patch	CVE-2021-45261	LOW	2.7.6-7build2		https://avd.aquasec.com/nvd/cve-2021-45261
perl	CVE-2022-48522	MEDIUM	5.34.0-3ubuntu1.2		https://avd.aquasec.com/nvd/cve-2022-48522
perl-base	CVE-2022-48522	MEDIUM	5.34.0-3ubuntu1.2		https://avd.aquasec.com/nvd/cve-2022-48522
perl-modules-5.34	CVE-2022-48522	MEDIUM	5.34.0-3ubuntu1.2		https://avd.aquasec.com/nvd/cve-2022-48522
php-pear	CVE-2014-5459	LOW	1:1.10.12+submodules+notgz+20210212-1ubuntu3		https://avd.aquasec.com/nvd/cve-2014-5459
php-pear	CVE-2017-5630	LOW	1:1.10.12+submodules+notgz+20210212-1ubuntu3		https://avd.aquasec.com/nvd/cve-2017-5630
php8.1-bcmath	CVE-2016-9138	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2016-9138
php8.1-bcmath	CVE-2017-7189	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2017-7189
php8.1-bcmath	CVE-2022-4900	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2022-4900
php8.1-cli	CVE-2016-9138	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2016-9138
php8.1-cli	CVE-2017-7189	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2017-7189
php8.1-cli	CVE-2022-4900	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2022-4900
php8.1-common	CVE-2016-9138	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2016-9138
php8.1-common	CVE-2017-7189	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2017-7189
php8.1-common	CVE-2022-4900	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2022-4900
php8.1-curl	CVE-2016-9138	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2016-9138
php8.1-curl	CVE-2017-7189	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2017-7189
php8.1-curl	CVE-2022-4900	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2022-4900
php8.1-fpm	CVE-2016-9138	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2016-9138
php8.1-fpm	CVE-2017-7189	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2017-7189
php8.1-fpm	CVE-2022-4900	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2022-4900
php8.1-gd	CVE-2016-9138	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2016-9138
php8.1-gd	CVE-2017-7189	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2017-7189
php8.1-gd	CVE-2022-4900	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2022-4900
php8.1-gmp	CVE-2016-9138	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2016-9138
php8.1-gmp	CVE-2017-7189	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2017-7189
php8.1-gmp	CVE-2022-4900	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2022-4900
php8.1-intl	CVE-2016-9138	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2016-9138
php8.1-intl	CVE-2017-7189	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2017-7189
php8.1-intl	CVE-2022-4900	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2022-4900
php8.1-mbstring	CVE-2016-9138	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2016-9138
php8.1-mbstring	CVE-2017-7189	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2017-7189
php8.1-mbstring	CVE-2022-4900	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2022-4900
php8.1-mysql	CVE-2016-9138	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2016-9138
php8.1-mysql	CVE-2017-7189	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2017-7189
php8.1-mysql	CVE-2022-4900	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2022-4900
php8.1-opcache	CVE-2016-9138	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2016-9138
php8.1-opcache	CVE-2017-7189	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2017-7189
php8.1-opcache	CVE-2022-4900	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2022-4900
php8.1-readline	CVE-2016-9138	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2016-9138
php8.1-readline	CVE-2017-7189	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2017-7189
php8.1-readline	CVE-2022-4900	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2022-4900
php8.1-soap	CVE-2016-9138	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2016-9138
php8.1-soap	CVE-2017-7189	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2017-7189
php8.1-soap	CVE-2022-4900	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2022-4900
php8.1-sqlite3	CVE-2016-9138	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2016-9138
php8.1-sqlite3	CVE-2017-7189	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2017-7189
php8.1-sqlite3	CVE-2022-4900	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2022-4900
php8.1-xml	CVE-2016-9138	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2016-9138
php8.1-xml	CVE-2017-7189	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2017-7189
php8.1-xml	CVE-2022-4900	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2022-4900
php8.1-zip	CVE-2016-9138	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2016-9138
php8.1-zip	CVE-2017-7189	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2017-7189
php8.1-zip	CVE-2022-4900	LOW	8.1.25-1+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2022-4900
procps	CVE-2023-4016	LOW	2:3.3.17-6ubuntu2		https://avd.aquasec.com/nvd/cve-2023-4016
vim	CVE-2022-1886	LOW	2:8.2.3995-1ubuntu2.13		https://avd.aquasec.com/nvd/cve-2022-1886
vim-common	CVE-2022-1886	LOW	2:8.2.3995-1ubuntu2.13		https://avd.aquasec.com/nvd/cve-2022-1886
vim-runtime	CVE-2022-1886	LOW	2:8.2.3995-1ubuntu2.13		https://avd.aquasec.com/nvd/cve-2022-1886
wget	CVE-2021-31879	MEDIUM	1.21.2-2ubuntu1		https://avd.aquasec.com/nvd/cve-2021-31879
xxd	CVE-2022-1886	LOW	2:8.2.3995-1ubuntu2.13		https://avd.aquasec.com/nvd/cve-2022-1886

Misconfigurations

No misconfigurations found.

github-actions · 2023-10-30T07:41:36Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/php-fpm:8.3 (ubuntu 22.04)

Vulnerabilities

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
bash	CVE-2022-3715	LOW	5.1-6ubuntu1		https://avd.aquasec.com/nvd/cve-2022-3715
coreutils	CVE-2016-2781	LOW	8.32-4.1ubuntu1		https://avd.aquasec.com/nvd/cve-2016-2781
dbus	CVE-2023-34969	LOW	1.12.20-2ubuntu4.1		https://avd.aquasec.com/nvd/cve-2023-34969
dirmngr	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gcc-12-base	CVE-2022-27943	LOW	12.3.0-1ubuntu1~22.04		https://avd.aquasec.com/nvd/cve-2022-27943
git	CVE-2018-1000021	LOW	1:2.34.1-1ubuntu1.10		https://avd.aquasec.com/nvd/cve-2018-1000021
git-man	CVE-2018-1000021	LOW	1:2.34.1-1ubuntu1.10		https://avd.aquasec.com/nvd/cve-2018-1000021
gnupg	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gnupg-l10n	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gnupg-utils	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpg	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpg-agent	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpg-wks-client	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpg-wks-server	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpgconf	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpgsm	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
gpgv	CVE-2022-3219	LOW	2.2.27-3ubuntu2.1		https://avd.aquasec.com/nvd/cve-2022-3219
libapparmor1	CVE-2016-1585	MEDIUM	3.0.4-2ubuntu2.2		https://avd.aquasec.com/nvd/cve-2016-1585
libavahi-client3	CVE-2023-38469	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38469
libavahi-client3	CVE-2023-38470	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38470
libavahi-client3	CVE-2023-38471	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38471
libavahi-client3	CVE-2023-38472	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38472
libavahi-client3	CVE-2023-38473	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38473
libavahi-common-data	CVE-2023-38469	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38469
libavahi-common-data	CVE-2023-38470	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38470
libavahi-common-data	CVE-2023-38471	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38471
libavahi-common-data	CVE-2023-38472	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38472
libavahi-common-data	CVE-2023-38473	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38473
libavahi-common3	CVE-2023-38469	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38469
libavahi-common3	CVE-2023-38470	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38470
libavahi-common3	CVE-2023-38471	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38471
libavahi-common3	CVE-2023-38472	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38472
libavahi-common3	CVE-2023-38473	MEDIUM	0.8-5ubuntu5.1		https://avd.aquasec.com/nvd/cve-2023-38473
libc-bin	CVE-2023-5156	MEDIUM	2.35-0ubuntu3.4		https://avd.aquasec.com/nvd/cve-2023-5156
libc-bin	CVE-2016-20013	LOW	2.35-0ubuntu3.4		https://avd.aquasec.com/nvd/cve-2016-20013
libc6	CVE-2023-5156	MEDIUM	2.35-0ubuntu3.4		https://avd.aquasec.com/nvd/cve-2023-5156
libc6	CVE-2016-20013	LOW	2.35-0ubuntu3.4		https://avd.aquasec.com/nvd/cve-2016-20013
libdbus-1-3	CVE-2023-34969	LOW	1.12.20-2ubuntu4.1		https://avd.aquasec.com/nvd/cve-2023-34969
libgcc-s1	CVE-2022-27943	LOW	12.3.0-1ubuntu1~22.04		https://avd.aquasec.com/nvd/cve-2022-27943
libgd3	CVE-2021-40812	LOW	2.3.3-9+ubuntu22.04.1+deb.sury.org+1		https://avd.aquasec.com/nvd/cve-2021-40812
libgomp1	CVE-2022-27943	LOW	12.3.0-1ubuntu1~22.04		https://avd.aquasec.com/nvd/cve-2022-27943
libgraphicsmagick-q16-3	CVE-2017-13736	LOW	1.4+really1.3.38-1ubuntu0.1		https://avd.aquasec.com/nvd/cve-2017-13736
libgssapi-krb5-2	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2		https://avd.aquasec.com/nvd/cve-2023-36054
libheif1	CVE-2023-0996	MEDIUM	1.12.0-2build1		https://avd.aquasec.com/nvd/cve-2023-0996
libjbig2dec0	CVE-2017-9216	LOW	0.19-3build2		https://avd.aquasec.com/nvd/cve-2017-9216
libk5crypto3	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2		https://avd.aquasec.com/nvd/cve-2023-36054
libkrb5-3	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2		https://avd.aquasec.com/nvd/cve-2023-36054
libkrb5support0	CVE-2023-36054	MEDIUM	1.19.2-2ubuntu0.2		https://avd.aquasec.com/nvd/cve-2023-36054
libldap-2.5-0	CVE-2023-2953	LOW	2.5.16+dfsg-0ubuntu0.22.04.1		https://avd.aquasec.com/nvd/cve-2023-2953
liblzma5	CVE-2020-22916	MEDIUM	5.2.5-2ubuntu1		https://avd.aquasec.com/nvd/cve-2020-22916
libopenjp2-7	CVE-2019-6988	LOW	2.4.0-6		https://avd.aquasec.com/nvd/cve-2019-6988
libopenjp2-7	CVE-2021-29338	LOW	2.4.0-6		https://avd.aquasec.com/nvd/cve-2021-29338
libopenjp2-7	CVE-2021-3575	LOW	2.4.0-6		https://avd.aquasec.com/nvd/cve-2021-3575
libpcre3	CVE-2017-11164	LOW	2:8.39-13ubuntu0.22.04.1		https://avd.aquasec.com/nvd/cve-2017-11164
libperl5.34	CVE-2022-48522	MEDIUM	5.34.0-3ubuntu1.2		https://avd.aquasec.com/nvd/cve-2022-48522
libpng16-16	CVE-2022-3857	LOW	1.6.37-3build5		https://avd.aquasec.com/nvd/cve-2022-3857
libprocps8	CVE-2023-4016	LOW	2:3.3.17-6ubuntu2		https://avd.aquasec.com/nvd/cve-2023-4016
libpython3.10	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.2		https://avd.aquasec.com/nvd/cve-2023-27043
libpython3.10-minimal	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.2		https://avd.aquasec.com/nvd/cve-2023-27043
libpython3.10-stdlib	CVE-2023-27043	MEDIUM	3.10.12-1~22.04.2		https://avd.aquasec.com/nvd/cve-2023-27043
libsqlite3-0	CVE-2022-46908	LOW	3.37.2-2ubuntu0.1		https://avd.aquasec.com/nvd/cve-2022-46908
libssl3	CVE-2023-5363	MEDIUM	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12	https://avd.aquasec.com/nvd/cve-2023-5363
libssl3	CVE-2023-2975	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12	https://avd.aquasec.com/nvd/cve-2023-2975
libssl3	CVE-2023-3446	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12	https://avd.aquasec.com/nvd/cve-2023-3446
libssl3	CVE-2023-3817	LOW	3.0.2-0ubuntu1.10	3.0.2-0ubuntu1.12	https://avd.aquasec.com/nvd/cve-2023-3817
libstdc++6	CVE-2022-27943	LOW	12.3.0-1ubuntu1~22.04		https://avd.aquasec.com/nvd/cve-2022-27943
libtiff5	CVE-2018-10126	LOW	4.3.0-6ubuntu0.6		https://avd.aquasec.com/nvd/cve-2018-10126
libtiff5	CVE-2023-3164	LOW	4.3.0-6ubuntu0.6		https://avd.aquasec.com/nvd/cve-2023-3164
libtiff5	CVE-2023-3576	LOW	4.3.0-6ubuntu0.6		https://avd.aquasec.com/nvd/cve-2023-3576
libzstd1	CVE-2022-4899	LOW	1.4.8+dfsg-3build1		https://avd.aquasec.com/nvd/cve-2022-4899
login	CVE-2023-29383	LOW	1:4.8.1-2ubuntu2.1		https://avd.aquasec.com/nvd/cve-2023-29383
openssh-client	CVE-2023-28531	LOW	1:8.9p1-3ubuntu0.4		https://avd.aquasec.com/nvd/cve-2023-28531
passwd	CVE-2023-29383	LOW	1:4.8.1-2ubuntu2.1		https://avd.aquasec.com/nvd/cve-2023-29383
patch	CVE-2018-6952	LOW	2.7.6-7build2		https://avd.aquasec.com/nvd/cve-2018-6952
patch	CVE-2021-45261	LOW	2.7.6-7build2		https://avd.aquasec.com/nvd/cve-2021-45261
perl	CVE-2022-48522	MEDIUM	5.34.0-3ubuntu1.2		https://avd.aquasec.com/nvd/cve-2022-48522
perl-base	CVE-2022-48522	MEDIUM	5.34.0-3ubuntu1.2		https://avd.aquasec.com/nvd/cve-2022-48522
perl-modules-5.34	CVE-2022-48522	MEDIUM	5.34.0-3ubuntu1.2		https://avd.aquasec.com/nvd/cve-2022-48522
php-pear	CVE-2014-5459	LOW	1:1.10.12+submodules+notgz+20210212-1ubuntu3		https://avd.aquasec.com/nvd/cve-2014-5459
php-pear	CVE-2017-5630	LOW	1:1.10.12+submodules+notgz+20210212-1ubuntu3		https://avd.aquasec.com/nvd/cve-2017-5630
procps	CVE-2023-4016	LOW	2:3.3.17-6ubuntu2		https://avd.aquasec.com/nvd/cve-2023-4016
vim	CVE-2022-1886	LOW	2:8.2.3995-1ubuntu2.13		https://avd.aquasec.com/nvd/cve-2022-1886
vim-common	CVE-2022-1886	LOW	2:8.2.3995-1ubuntu2.13		https://avd.aquasec.com/nvd/cve-2022-1886
vim-runtime	CVE-2022-1886	LOW	2:8.2.3995-1ubuntu2.13		https://avd.aquasec.com/nvd/cve-2022-1886
wget	CVE-2021-31879	MEDIUM	1.21.2-2ubuntu1		https://avd.aquasec.com/nvd/cve-2021-31879
xxd	CVE-2022-1886	LOW	2:8.2.3995-1ubuntu2.13		https://avd.aquasec.com/nvd/cve-2022-1886

Misconfigurations

No misconfigurations found.

github-actions · 2023-10-30T07:45:21Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/traefik_openssl:2.10.5 (alpine 3.18.4)

Vulnerabilities

No vulnerabilities found.

Misconfigurations

No misconfigurations found.

usr/local/bin/traefik

Vulnerabilities

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/docker/docker	CVE-2023-28840	HIGH	v20.10.21+incompatible	20.10.24, 23.0.3	https://avd.aquasec.com/nvd/cve-2023-28840
github.com/docker/docker	CVE-2023-28841	MEDIUM	v20.10.21+incompatible	20.10.24, 23.0.3	https://avd.aquasec.com/nvd/cve-2023-28841
github.com/docker/docker	CVE-2023-28842	MEDIUM	v20.10.21+incompatible	20.10.24, 23.0.3	https://avd.aquasec.com/nvd/cve-2023-28842
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v20.10.21+incompatible	24.0.7	GHSA-jq35-85cj-fj4p
github.com/hashicorp/consul	CVE-2022-40716	MEDIUM	v1.10.12	1.11.9, 1.12.5, 1.13.2	https://avd.aquasec.com/nvd/cve-2022-40716
github.com/hashicorp/consul	CVE-2023-1297	MEDIUM	v1.10.12	1.14.5, 1.15.3	https://avd.aquasec.com/nvd/cve-2023-1297

Misconfigurations

No misconfigurations found.

github-actions · 2023-10-30T07:46:13Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:5.8 (alpine 3.18.4)

Vulnerabilities

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libcrypto3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363
libssl3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363

Misconfigurations

No misconfigurations found.

github-actions · 2023-10-30T07:46:20Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.1 (alpine 3.18.4)

Vulnerabilities

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libcrypto3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363
libssl3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363

Misconfigurations

No misconfigurations found.

github-actions · 2023-10-30T07:46:28Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:5.9 (alpine 3.18.4)

Vulnerabilities

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libcrypto3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363
libssl3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363

Misconfigurations

No misconfigurations found.

github-actions · 2023-10-30T07:46:30Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.2 (alpine 3.18.4)

Vulnerabilities

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libcrypto3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363
libssl3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363

Misconfigurations

No misconfigurations found.

github-actions · 2023-10-30T07:46:36Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.0 (alpine 3.18.4)

Vulnerabilities

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libcrypto3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363
libssl3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363

Misconfigurations

No misconfigurations found.

github-actions · 2023-10-30T07:46:42Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.3 (alpine 3.18.4)

Vulnerabilities

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libcrypto3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363
libssl3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363

Misconfigurations

No misconfigurations found.

github-actions · 2023-10-30T07:49:25Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:trunk (alpine 3.18.4)

Vulnerabilities

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libcrypto3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363
libssl3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363

Misconfigurations

No misconfigurations found.

github-actions · 2023-10-30T07:50:20Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.4 (alpine 3.18.4)

Vulnerabilities

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libcrypto3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363
libssl3	CVE-2023-5363	MEDIUM	3.1.3-r0	3.1.4-r0	https://avd.aquasec.com/nvd/cve-2023-5363

Misconfigurations

No misconfigurations found.

sjinks · 2023-10-30T16:30:28Z

.github/actions/build-docker-image/action.yml

+    - name: Load image to local Docker
+      uses: docker/build-push-action@v5
+      with:
+        load: true
+        push: false
+        context: ${{ inputs.context }}
+        file: ${{ inputs.file }}
+        tags: |
+          ${{ inputs.primaryTag }}
+          ${{ inputs.tags }}
+        build-args: ${{ inputs.args }}


This second scan will not rebuild the image(s); it will load them from the build cache.

We need this step to feed the built image to the local Docker daemon. The previous step pushes the built image(s) to the registry but does not load them into Docker.

It is impossible to feed a multi-platform image to Docker anyway, so we export only the native version (amd64).

sjinks · 2023-10-30T16:34:27Z

.github/actions/build-docker-image/action.yml

+    - name: Security Scan
+      uses: aquasecurity/trivy-action@master
+      with:
+        image-ref: ${{ inputs.primaryTag }}
+        format: template
+        template: "@.github/actions/build-docker-image/markdown.tpl"
+        output: trivy.md
+      if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name && github.event.sender.login != 'dependabot[bot]'
+
+    - name: Security Scan
+      uses: aquasecurity/trivy-action@master
+      with:
+        image-ref: ${{ inputs.primaryTag }}
+        format: table
+      if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name || github.event.sender.login == 'dependabot[bot]'


We cannot post a comment from a PR coming from a "foreign" repo; Dependabot's pull requests also count as coming from a foreign repo.

So:

If this is a PR that comes from our repo and not from Dependabot, we generate a markdown output, which we will post as a comment;

Otherwise, if this is not a pull request, a PR from a foreign repo, or Dependabot authors this PR, we print scan results to the action log.

github-actions · 2023-10-31T01:13:24Z

Trivy Scan Report

ghcr.io/automattic/vip-container-images/nginx:1.25.3 (alpine 3.18.4)

Vulnerabilities

No vulnerabilities found.

Misconfigurations

No misconfigurations found.

sjinks self-assigned this Oct 30, 2023

sjinks force-pushed the refactor/build branch 3 times, most recently from 518be79 to 28884ac Compare October 30, 2023 06:32

sjinks marked this pull request as ready for review October 30, 2023 07:44

sjinks requested a review from a team as a code owner October 30, 2023 07:44

sjinks added the [Status] Needs Review label Oct 30, 2023

sjinks commented Oct 30, 2023

View reviewed changes

ci: refactor build workflows

d20f161

sjinks added 11 commits October 31, 2023 03:07

ci: post Trivy Scan Report as a comment

da4d149

ci: add support for multiple images

5c883d7

ci: refactor dev-tools.yml

22d320e

ci: refactor mu-plugins.yml

bbb3b22

ci: refactor nginx.yml

3ba4386

ci: refactor photon.yml

121dc30

ci: refactor php-fpm.yml

a7dfd60

ci: refactor skeleton.yml

3a71519

ci: refactor traefik.yml

bfe7f3c

ci: refactor wordpress.yml

159b7f8

ci: remove fields with default values

e7f7291

sjinks force-pushed the refactor/build branch from 25531f8 to e7f7291 Compare October 31, 2023 01:12

sjinks mentioned this pull request Oct 31, 2023

security(alpine): fix CVE-2023-5363 #568

Merged

rebeccahum approved these changes Oct 31, 2023

View reviewed changes

rebeccahum removed the [Status] Needs Review label Oct 31, 2023

sjinks merged commit 14a8adf into master Oct 31, 2023
21 checks passed

sjinks deleted the refactor/build branch October 31, 2023 14:59

sjinks mentioned this pull request Oct 31, 2023

Run security scan on Docker images #239

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ci: refactor build workflows #565

ci: refactor build workflows #565

sjinks commented Oct 30, 2023 •

edited

Loading

github-actions bot commented Oct 30, 2023

github-actions bot commented Oct 30, 2023

github-actions bot commented Oct 30, 2023

github-actions bot commented Oct 30, 2023

github-actions bot commented Oct 30, 2023

github-actions bot commented Oct 30, 2023

github-actions bot commented Oct 30, 2023

github-actions bot commented Oct 30, 2023

github-actions bot commented Oct 30, 2023

github-actions bot commented Oct 30, 2023

github-actions bot commented Oct 30, 2023

github-actions bot commented Oct 30, 2023 •

edited

Loading

github-actions bot commented Oct 30, 2023

github-actions bot commented Oct 30, 2023

github-actions bot commented Oct 30, 2023

github-actions bot commented Oct 30, 2023

github-actions bot commented Oct 30, 2023

github-actions bot commented Oct 30, 2023

github-actions bot commented Oct 30, 2023

github-actions bot commented Oct 30, 2023

sjinks Oct 30, 2023 •

edited

Loading

sjinks Oct 30, 2023

github-actions bot commented Oct 31, 2023

ci: refactor build workflows #565

ci: refactor build workflows #565

Conversation

sjinks commented Oct 30, 2023 • edited Loading

github-actions bot commented Oct 30, 2023

Trivy Scan Report

ghcr.io/automattic/vip-container-images/alpine:3.18.4 (alpine 3.18.4)

Vulnerabilities

Misconfigurations

github-actions bot commented Oct 30, 2023

Trivy Scan Report

ghcr.io/automattic/vip-container-images/dev-tools:0.9 (alpine 3.18.4)

Vulnerabilities

Misconfigurations

github-actions bot commented Oct 30, 2023

Trivy Scan Report

ghcr.io/automattic/vip-container-images/mu-plugins:0.1 (alpine 3.18.4)

Vulnerabilities

Misconfigurations

github-actions bot commented Oct 30, 2023

Trivy Scan Report

ghcr.io/automattic/vip-container-images/nginx:1.25.2 (alpine 3.18.4)

Vulnerabilities

Misconfigurations

github-actions bot commented Oct 30, 2023

Trivy Scan Report

ghcr.io/automattic/vip-container-images/skeleton:latest (alpine 3.18.4)

Vulnerabilities

Misconfigurations

github-actions bot commented Oct 30, 2023

Trivy Scan Report

ghcr.io/automattic/vip-container-images/photon:latest (alpine 3.18.4)

Vulnerabilities

Misconfigurations

github-actions bot commented Oct 30, 2023

Trivy Scan Report

ghcr.io/automattic/vip-container-images/php-fpm:8.0 (ubuntu 22.04)

Vulnerabilities

Misconfigurations

github-actions bot commented Oct 30, 2023

Trivy Scan Report

ghcr.io/automattic/vip-container-images/php-fpm:7.4 (ubuntu 22.04)

Vulnerabilities

Misconfigurations

github-actions bot commented Oct 30, 2023

Trivy Scan Report

ghcr.io/automattic/vip-container-images/php-fpm:8.2 (ubuntu 22.04)

Vulnerabilities

Misconfigurations

github-actions bot commented Oct 30, 2023

Trivy Scan Report

ghcr.io/automattic/vip-container-images/php-fpm:8.1 (ubuntu 22.04)

Vulnerabilities

Misconfigurations

github-actions bot commented Oct 30, 2023

Trivy Scan Report

ghcr.io/automattic/vip-container-images/php-fpm:8.3 (ubuntu 22.04)

Vulnerabilities

Misconfigurations

github-actions bot commented Oct 30, 2023 • edited Loading

Trivy Scan Report

ghcr.io/automattic/vip-container-images/traefik_openssl:2.10.5 (alpine 3.18.4)

Vulnerabilities

Misconfigurations

usr/local/bin/traefik

Vulnerabilities

Misconfigurations

github-actions bot commented Oct 30, 2023

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:5.8 (alpine 3.18.4)

Vulnerabilities

Misconfigurations

github-actions bot commented Oct 30, 2023

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.1 (alpine 3.18.4)

Vulnerabilities

Misconfigurations

github-actions bot commented Oct 30, 2023

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:5.9 (alpine 3.18.4)

sjinks commented Oct 30, 2023 •

edited

Loading

github-actions bot commented Oct 30, 2023 •

edited

Loading

sjinks Oct 30, 2023 •

edited

Loading