Security Vulnerability: PHP Version out of date

web-arena-x / webarena

Code repo for "WebArena: A Realistic Web Environment for Building Autonomous Agents"

https://webarena.dev

Apache License 2.0

647 stars 94 forks source link

Security Vulnerability: PHP Version out of date #96

Closed dragon18456 closed 1 month ago

dragon18456 commented 6 months ago

The Docker image for the Reddit environment: postmill-populated-exposed-withimg.tar is built using php 8.1.17, which has a number of known security vulnerabilities: https://www.tenable.com/plugins/nessus/179317

Could you update the image to use php 8.1.22?

shuyanzhou commented 5 months ago

@frankxu2004, my understanding is that since these are not real websites, it is OK to keep the current version. Let me know your thoughts

dragon18456 commented 4 months ago

I am trying to run this on docker locally and the network admin won't let me run this with an outdated version of PHP