Vulnerability Scan Report for registry.suse.com/bci/golang:1.23.7

Go 1.23 development container based on the SLE Base Container Image.

registry.suse.com/bci/golang:1.23.7

Last scanned on: June 05, 2025 07:02

Package Name	Severity	Status	Description	Reference links
glibc	HIGH	fixed	Security update for glibc Vulnerability ID: SUSE-SU-2025:01702-1 Installed Version: 2.38-150600.14.23.1 Fixed Version: 2.38-150600.14.32.1 This update for glibc fixes the following issues: - CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen search for libraries to load in LD_LIBRARY_PATH (bsc#1243317).	CVE-2025-4802 SU-202501702-1 SUSE Bug#1243317 SUSE Mailing List [sle-updates] 2025-May#039341 SUSE Security Rating
glibc-devel	HIGH	fixed	Security update for glibc Vulnerability ID: SUSE-SU-2025:01702-1 Installed Version: 2.38-150600.14.23.1 Fixed Version: 2.38-150600.14.32.1 This update for glibc fixes the following issues: - CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen search for libraries to load in LD_LIBRARY_PATH (bsc#1243317).	CVE-2025-4802 SU-202501702-1 SUSE Bug#1243317 SUSE Mailing List [sle-updates] 2025-May#039341 SUSE Security Rating
go1.23	HIGH	fixed	Security update for go1.23 Vulnerability ID: SUSE-SU-2025:1141-1 Installed Version: 1.23.7-150000.1.24.1 Fixed Version: 1.23.8-150000.1.27.1 This update for go1.23 fixes the following issues: - Update to go1.23.8 - CVE-2025-22871: Fix an issue with request smuggling through invalid chunked data. (bsc#1240550)	CVE-2025-22871 SU-20251141-1 SUSE Bug#1229122 SUSE Bug#1240550 SUSE Mailing List [sle-updates] 2025-April#038911 SUSE Security Rating
go1.23-doc	HIGH	fixed	Security update for go1.23 Vulnerability ID: SUSE-SU-2025:1141-1 Installed Version: 1.23.7-150000.1.24.1 Fixed Version: 1.23.8-150000.1.27.1 This update for go1.23 fixes the following issues: - Update to go1.23.8 - CVE-2025-22871: Fix an issue with request smuggling through invalid chunked data. (bsc#1240550)	CVE-2025-22871 SU-20251141-1 SUSE Bug#1229122 SUSE Bug#1240550 SUSE Mailing List [sle-updates] 2025-April#038911 SUSE Security Rating
go1.23-race	HIGH	fixed	Security update for go1.23 Vulnerability ID: SUSE-SU-2025:1141-1 Installed Version: 1.23.7-150000.1.24.1 Fixed Version: 1.23.8-150000.1.27.1 This update for go1.23 fixes the following issues: - Update to go1.23.8 - CVE-2025-22871: Fix an issue with request smuggling through invalid chunked data. (bsc#1240550)	CVE-2025-22871 SU-20251141-1 SUSE Bug#1229122 SUSE Bug#1240550 SUSE Mailing List [sle-updates] 2025-April#038911 SUSE Security Rating