fix: resolve serialize-javascript RCE vulnerability (CVE) · netresearch/timetracker@b513e12

Triggered via push March 7, 2026 19:32

CybotTM

pushed b513e12

main

Status Success

Total duration 4m 56s

Artifacts 2

docker-publish.yml

on: push

docker

4m 51s

Annotations

4 warnings

Default value for global ARG results in an empty or invalid base image name: Dockerfile#L28

InvalidDefaultArgInFrom: Default value for ARG ${PHP_BASE_IMAGE} results in empty or invalid base image name More info: https://docs.docker.com/go/dockerfile/rule/invalid-default-arg-in-from/

Default value for global ARG results in an empty or invalid base image name: Dockerfile#L23

InvalidDefaultArgInFrom: Default value for ARG ${COMPOSER_IMAGE} results in empty or invalid base image name More info: https://docs.docker.com/go/dockerfile/rule/invalid-default-arg-in-from/

Default value for global ARG results in an empty or invalid base image name: Dockerfile#L28

InvalidDefaultArgInFrom: Default value for ARG ${PHP_BASE_IMAGE} results in empty or invalid base image name More info: https://docs.docker.com/go/dockerfile/rule/invalid-default-arg-in-from/

Default value for global ARG results in an empty or invalid base image name: Dockerfile#L23

InvalidDefaultArgInFrom: Default value for ARG ${COMPOSER_IMAGE} results in empty or invalid base image name More info: https://docs.docker.com/go/dockerfile/rule/invalid-default-arg-in-from/

Artifacts

Produced during runtime

Name	Size	Digest
netresearch~timetracker~6ZOOXI.dockerbuild	104 KB	`sha256:5c5f9e484421bc7ee4b4365bdaab3de35c1973e31624a574e67fbe484f0b8879`
netresearch~timetracker~RILKVL.dockerbuild	131 KB	`sha256:be3aafd234267efa8a1e4d02ef14ec6cacc16e9e2730cbaf1e1b67be6712a27d`

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix: resolve serialize-javascript RCE vulnerability (CVE) #1321

Summary

fix: resolve serialize-javascript RCE vulnerability (CVE) #1321

Uh oh!

docker-publish.yml

Annotations

Artifacts