Vulnerability Scan Report for registry.suse.com/bci/openjdk-devel:17.0.14.0-4.31
OpenJDK 17 development container based on the SLE Base Container Image.
Last scanned on: July 09, 2025 08:53

Package Name | Severity | Status | Description | Reference links
---|---|---|---|---
libssh-config | HIGH | fixed | Security update for libssh (Vulnerability ID: SUSE-SU-2025:02229-1; Installed Version: 0.9.8-150600.9.1; Fixed Version: 0.9.8-150600.11.3.1). This update for libssh fixes the following issues: - CVE-2025-5318: Fixed likely read beyond bounds in sftp server handle management (bsc#1245311). - CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions (bsc#1245309). - CVE-2025-4878: Fixed use of uninitialized variable in privatekey_from_file() (bsc#1245310). - CVE-2025-5372: Fixed cases where ssh_kdf() returns a success code on certain failures (bsc#1245314). |
libssh4 | HIGH | fixed | Security update for libssh (Vulnerability ID: SUSE-SU-2025:02229-1; Installed Version: 0.9.8-150600.9.1; Fixed Version: 0.9.8-150600.11.3.1). This update for libssh fixes the following issues: - CVE-2025-5318: Fixed likely read beyond bounds in sftp server handle management (bsc#1245311). - CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions (bsc#1245309). - CVE-2025-4878: Fixed use of uninitialized variable in privatekey_from_file() (bsc#1245310). - CVE-2025-5372: Fixed cases where ssh_kdf() returns a success code on certain failures (bsc#1245314). |
libxml2-2 | MEDIUM | fixed | Security update for libxml2 (Vulnerability ID: SUSE-SU-2025:1438-1; Installed Version: 2.10.3-150500.5.23.1; Fixed Version: 2.10.3-150500.5.26.1). This update for libxml2 fixes the following issues: - CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. (bsc#1241551) - CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. (bsc#1241453) |
openssl-3 | HIGH | fixed | Security update for openssl-3 (Vulnerability ID: SUSE-SU-2025:1550-1; Installed Version: 3.1.4-150600.5.24.1; Fixed Version: 3.1.4-150600.5.27.1). This update for openssl-3 fixes the following issues: Security: - CVE-2025-27587: Timing side channel vulnerability in the P-384 implementation when used with ECDSA in the PPC architecture (bsc#1240366). - Missing null pointer check before accessing handshake_func in ssl_lib.c (bsc#1240607). FIPS: - Disabling EMS in OpenSSL configuration prevents sshd from starting (bsc#1230959, bsc#1232326, bsc#1231748). |
pam | HIGH | fixed | Security update for pam (Vulnerability ID: SUSE-SU-2025:02013-1; Installed Version: 1.3.0-150000.6.76.1; Fixed Version: 1.3.0-150000.6.83.1). This update for pam fixes the following issues: - CVE-2025-6018: pam_env: Change the default to not read the user .pam_environment file (bsc#1243226). - CVE-2025-6020: pam_namespace: convert functions that may operate on a user-controlled path to operate on file descriptors instead of absolute path (bsc#1244509). |