Vulnerability Scan Report for registry.suse.com/bci/openjdk-devel:17-15.4

OpenJDK 17 development container based on the SLE Base Container Image.

registry.suse.com/bci/openjdk-devel:17-15.4

Last scanned on: May 01, 2025 21:12

Package Name	Severity	Status	Description	Reference links
krb5	HIGH	fixed	Security update for krb5 Vulnerability ID: SUSE-SU-2024:2322-1 Installed Version: 1.19.2-150400.3.3.1 Fixed Version: 1.19.2-150400.3.12.1 This update for krb5 fixes the following issues: - CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields were errouneously accepted (bsc#1227186). - CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187).	CVE-2024-37370 CVE-2024-37371 SU-20242322-1 SUSE Bug#1227186 SUSE Bug#1227187 SUSE Mailing List [sle-updates] 2024-July#035853 SUSE Security Rating
less	HIGH	fixed	Security update for less Vulnerability ID: SUSE-SU-2024:1192-1 Installed Version: 590-150400.3.3.1 Fixed Version: 590-150400.3.6.2 This update for less fixes the following issues: - CVE-2022-48624: Fixed LESSCLOSE handling in less that does not quote shell metacharacters (bsc#1219901).	CVE-2022-48624 SU-20241192-1 SUSE Bug#1219901 SUSE Mailing List [sle-updates] 2024-April#034922 SUSE Security Rating
less	HIGH	fixed	Security update for less Vulnerability ID: SUSE-SU-2024:1598-1 Installed Version: 590-150400.3.3.1 Fixed Version: 590-150400.3.9.1 This update for less fixes the following issues: - CVE-2024-32487: Fixed mishandling of \n character in paths when LESSOPEN is set leads to OS command execution. (bsc#1222849)	CVE-2024-32487 SU-20241598-1 SUSE Bug#1222849 SUSE Mailing List [sle-updates] 2024-May#035227 SUSE Security Rating
libX11-6	HIGH	fixed	Security update for libX11 Vulnerability ID: SUSE-SU-2023:2614-1 Installed Version: 1.6.5-150000.3.27.1 Fixed Version: 1.6.5-150000.3.30.1 This update for libX11 fixes the following issues: - CVE-2023-3138: Fixed buffer overflows in InitExt.c (bsc#1212102).	CVE-2023-3138 SU-20232614-1 SUSE Bug#1212102 SUSE Mailing List [sle-updates] 2023-June#030001 SUSE Security Rating
libX11-6	MEDIUM	fixed	Security update for libX11 Vulnerability ID: SUSE-SU-2023:3963-1 Installed Version: 1.6.5-150000.3.27.1 Fixed Version: 1.6.5-150000.3.33.1 This update for libX11 fixes the following issues: - CVE-2023-43786: Fixed stack exhaustion from infinite recursion in PutSubImage() (bsc#1215684). - CVE-2023-43787: Fixed integer overflow in XCreateImage() leading to a heap overflow (bsc#1215685). - CVE-2023-43785: Fixed out-of-bounds memory access in _XkbReadKeySyms() (bsc#1215683).	CVE-2023-43785 CVE-2023-43786 CVE-2023-43787 SU-20233963-1 SUSE Bug#1215683 SUSE Bug#1215684 SUSE Bug#1215685 SUSE Mailing List [sle-updates] 2023-October#031904 SUSE Security Rating