We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
What happened:
Scanning a PHP docker image with Redis PHP extension shows s a lot of vulnerabilities.
redis 6.0.2 php-pecl CVE-2022-24834 High redis 6.0.2 php-pecl CVE-2022-24735 High redis 6.0.2 php-pecl CVE-2021-41099 High redis 6.0.2 php-pecl CVE-2021-32762 High redis 6.0.2 php-pecl CVE-2021-32687 High redis 6.0.2 php-pecl CVE-2021-32675 High redis 6.0.2 php-pecl CVE-2021-32628 High redis 6.0.2 php-pecl CVE-2021-32627 High redis 6.0.2 php-pecl CVE-2021-32626 High redis 6.0.2 php-pecl CVE-2023-28856 Medium redis 6.0.2 php-pecl CVE-2023-25155 Medium redis 6.0.2 php-pecl CVE-2022-36021 Medium redis 6.0.2 php-pecl CVE-2022-35977 Medium redis 6.0.2 php-pecl CVE-2022-24736 Medium redis 6.0.2 php-pecl CVE-2021-32672 Medium redis 6.0.2 php-pecl CVE-2021-31294 Medium redis 6.0.2 php-pecl CVE-2023-45145 Low redis 6.0.2 php-pecl CVE-2022-3647 Low
these CVE are associated with the redis-server, not the PHP extension.
I have no idea if this is a problem of Grype, the vulnerability database 🤔
What you expected to happen:
Don't show these records
How to reproduce it (as minimally and precisely as possible):
grype shopware/docker-base:8.3
Anything else we need to know?:
Environment:
grype version
Application: grype Version: 0.75.0 BuildDate: 2024-04-04T16:02:59Z GitCommit: 57af1c34cb7db17824eac983cc6ae6945db47c88 GitDescription: v0.75.0 Platform: linux/amd64 GoVersion: go1.21.8 Compiler: gc Syft Version: v1.1.1 Supported DB Schema: 5
cat /etc/os-release
The text was updated successfully, but these errors were encountered:
I can confirm that I'm seeing the same issue(s) on my end using grype shinsenter/laravel:php8.1
grype shinsenter/laravel:php8.1
redis 6.0.2 php-pecl CVE-2022-0543 Critical redis 6.0.2 php-pecl CVE-2022-24834 High redis 6.0.2 php-pecl CVE-2022-24735 High redis 6.0.2 php-pecl CVE-2021-41099 High redis 6.0.2 php-pecl CVE-2021-32762 High redis 6.0.2 php-pecl CVE-2021-32687 High redis 6.0.2 php-pecl CVE-2021-32675 High redis 6.0.2 php-pecl CVE-2021-32628 High redis 6.0.2 php-pecl CVE-2021-32627 High redis 6.0.2 php-pecl CVE-2021-32626 High redis 6.0.2 php-pecl CVE-2023-28856 Medium redis 6.0.2 php-pecl CVE-2023-25155 Medium redis 6.0.2 php-pecl CVE-2022-36021 Medium redis 6.0.2 php-pecl CVE-2022-35977 Medium redis 6.0.2 php-pecl CVE-2022-24736 Medium redis 6.0.2 php-pecl CVE-2021-32672 Medium redis 6.0.2 php-pecl CVE-2021-31294 Medium redis 6.0.2 php-pecl CVE-2023-45145 Low redis 6.0.2 php-pecl CVE-2022-3647 Low
Sorry, something went wrong.
No branches or pull requests
What happened:
Scanning a PHP docker image with Redis PHP extension shows s a lot of vulnerabilities.
these CVE are associated with the redis-server, not the PHP extension.
I have no idea if this is a problem of Grype, the vulnerability database 🤔
What you expected to happen:
Don't show these records
How to reproduce it (as minimally and precisely as possible):
Anything else we need to know?:
Environment:
grype version
:cat /etc/os-release
or similar):The text was updated successfully, but these errors were encountered: