buildpacks icon indicating copy to clipboard operation
buildpacks copied to clipboard
verified publisher icon GoogleCloudPlatform

Images generated from PHP buildpack has a vulnerability

Open JanakaSandaruwan opened this issue 10 months ago • 1 comments

Describe the bug

I am using builder:google-22 to build a PHP application and it has the following vulnerability

layers/google.utils.nginx/pid1/pid1 (gobinary) CVE-2024-24790

If you have a general question about how to use buildpacks, we encourage you to open a discussion topic instead

Additional context How are you using GCP buildpacks?

  • [ ] pack and the gcr.io/buildpacks/builder
  • [ ] Cloud Functions
  • [ ] Cloud Run
  • [ ] Cloud Build
  • [ ] App Engine Standard
  • [ ] App Engine Flex
  • [ ] Firebase App Hosting

Did this used to work? (Yes/No) Was this working before? When did you start noticing these errors?

What language is your project primarily written in? (Python/Java/Node.js/Go/etc.)

Steps To Reproduce Steps to reproduce the behavior:

  1. pack build ...

Expected behavior A clear and concise description of what you expected to happen.

Actual behavior What actually happened?

If applicable, add screenshots / logs / error messages

JanakaSandaruwan avatar Mar 19 '25 06:03 JanakaSandaruwan

Any update on this?

JanakaSandaruwan avatar Apr 04 '25 16:04 JanakaSandaruwan