You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The most recent image tag for php:zts-alpine using an out-dated curl and libcurl version. This version is vulnerable against CVE-2024-8096. A fix is provided from curl project via version 8.10.0 (or higher). This version was released at 11 Sep 2024 containing the fix named "gtls: fix OCSP stapling Management" to resolve this CVE.
Describe the issue
The most recent image tag for
php:zts-alpine
using an out-dated curl and libcurl version. This version is vulnerable against CVE-2024-8096. A fix is provided from curl project via version 8.10.0 (or higher). This version was released at 11 Sep 2024 containing the fix named "gtls: fix OCSP stapling Management" to resolve this CVE.Details from Image-Scan
8.9.1-r2
8.10.0-r0
You can find this vulnerability on docker-hub as well:
Question/Request
The latest build of image-tag
php:zts-alpine
on docker-hub was push at 27 Sep 2024.The text was updated successfully, but these errors were encountered: