Vulnerability Scan Report for registry.suse.com/bci/golang:1.20-2.10
Go 1.20-openssl development container based on the SLE Base Container Image.
Last scanned on: November 03, 2024 15:53
Go 1.20-openssl development container based on the SLE Base Container Image.
Last scanned on: November 03, 2024 15:53
Package Name | Severity | Status | Description | Reference links | |
---|---|---|---|---|---|
curl | MEDIUM | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2023:2891-1 Installed Version: 7.79.1-150400.5.18.1 Fixed Version: 8.0.1-150400.5.26.1 This update for curl fixes the following issues: - CVE-2023-32001: Fixed TOCTOU race condition (bsc#1213237). |
||
curl | MEDIUM | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2023:4659-1 Installed Version: 7.79.1-150400.5.18.1 Fixed Version: 8.0.1-150400.5.36.1 This update for curl fixes the following issues: - CVE-2023-46218: Fixed cookie mixed case PSL bypass (bsc#1217573). - CVE-2023-46219: HSTS long file name clears contents (bsc#1217574). |
||
curl | MEDIUM | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2024:1151-2 Installed Version: 7.79.1-150400.5.18.1 Fixed Version: 8.0.1-150400.5.44.1 This update for curl fixes the following issues: - CVE-2024-2004: Fix the uUsage of disabled protocol logic. (bsc#1221665) - CVE-2024-2398: Fix HTTP/2 push headers memory-leak. (bsc#1221667) |
||
curl | MEDIUM | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2024:3080-2 Installed Version: 7.79.1-150400.5.18.1 Fixed Version: 8.0.1-150400.5.47.1 This update for curl fixes the following issues: - CVE-2024-7264: Fixed out-of-bounds read in ASN.1 date parser GTime2str() (bsc#1228535) |
||
gcc7 | HIGH | fixed |
Security update for gcc7 Vulnerability ID: SUSE-SU-2023:3686-1 Installed Version: 7.5.0+r278197-4.30.1 Fixed Version: 7.5.0+r278197-150000.4.35.1 This update for gcc7 fixes the following issues: Security issue fixed: - CVE-2023-4039: Fixed incorrect stack protector for C99 VLAs on Aarch64 (bsc#1214052). Other fixes: - Fixed KASAN kernel compile. [bsc#1205145] - Fixed ICE with C++17 code as reported in [bsc#1204505] - Fixed altivec.h redefining bool in C++ which makes bool unusable (bsc#1195517): - Adjust gnats idea of the target, fixing the build of gprbuild. [bsc#1196861] |