Vulnerability Scan Report for registry.suse.com/bci/golang:1.20-openssl-34.7
Go 1.20-openssl development container based on the SLE Base Container Image.
Last scanned on: September 19, 2024 14:53
Go 1.20-openssl development container based on the SLE Base Container Image.
Last scanned on: September 19, 2024 14:53
Package Name | Severity | Status | Description | Reference links | |
---|---|---|---|---|---|
ca-certificates-mozilla | UNKNOWN | fixed |
Security update for ca-certificates-mozilla Vulnerability ID: SUSE-SU-2024:2869-1 Installed Version: 2.62-150200.30.1 Fixed Version: 2.68-150200.33.1 This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.68 state of Mozilla SSL root CAs (bsc#1227525) - Added: FIRMAPROFESIONAL CA ROOT-A WEB - Distrust: GLOBALTRUST 2020 - Updated to 2.66 state of Mozilla SSL root CAs (bsc#1220356) Added: - CommScope Public Trust ECC Root-01 - CommScope Public Trust ECC Root-02 - CommScope Public Trust RSA Root-01 - CommScope Public Trust RSA Root-02 - D-Trust SBR Root CA 1 2022 - D-Trust SBR Root CA 2 2022 - Telekom Security SMIME ECC Root 2021 - Telekom Security SMIME RSA Root 2023 - Telekom Security TLS ECC Root 2020 - Telekom Security TLS RSA Root 2023 - TrustAsia Global Root CA G3 - TrustAsia Global Root CA G4 Removed: - Autoridad de Certificacion Firmaprofesional CIF A62634068 - Chambers of Commerce Root - 2008 - Global Chambersign Root - 2008 - Security Communication Root CA - Symantec Class 1 Public Primary Certification Authority - G6 - Symantec Class 2 Public Primary Certification Authority - G6 - TrustCor ECA-1 - TrustCor RootCert CA-1 - TrustCor RootCert CA-2 - VeriSign Class 1 Public Primary Certification Authority - G3 - VeriSign Class 2 Public Primary Certification Authority - G3 |
||
curl | HIGH | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2024:2784-1 Installed Version: 8.6.0-150600.2.2 Fixed Version: 8.6.0-150600.4.3.1 This update for curl fixes the following issues: - CVE-2024-7264: Fixed ASN.1 date parser overread (bsc#1228535) - CVE-2024-6197: Fixed freeing stack buffer in utf8asn1str (bsc#1227888) |
||
curl | HIGH | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2024:3204-1 Installed Version: 8.6.0-150600.2.2 Fixed Version: 8.6.0-150600.4.6.1 This update for curl fixes the following issues: - CVE-2024-8096: OCSP stapling bypass with GnuTLS. (bsc#1230093) |
||
git-core | HIGH | fixed |
Security update for git Vulnerability ID: SUSE-SU-2024:2579-1 Installed Version: 2.43.0-150600.3.3.1 Fixed Version: 2.43.0-150600.3.6.1 This update for git fixes the following issues: - CVE-2024-24577: Fixed arbitrary code execution due to heap corruption in git_index_add (bsc#1219660) |
||
libcurl4 | HIGH | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2024:2784-1 Installed Version: 8.6.0-150600.2.2 Fixed Version: 8.6.0-150600.4.3.1 This update for curl fixes the following issues: - CVE-2024-7264: Fixed ASN.1 date parser overread (bsc#1228535) - CVE-2024-6197: Fixed freeing stack buffer in utf8asn1str (bsc#1227888) |