Vulnerability Scan Report for registry.suse.com/bci/openjdk-devel:17-15.4
OpenJDK 17 development container based on the SLE Base Container Image.
Last scanned on: July 22, 2024 13:50
![](/assets/images/containers-7e1f6ccbb2a74b9ca8542ef74aad5cfeb395762b.webp)
OpenJDK 17 development container based on the SLE Base Container Image.
Last scanned on: July 22, 2024 13:50
Package Name | Severity | Status | Description | Reference links | |
---|---|---|---|---|---|
curl | MEDIUM | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2023:2891-1 Installed Version: 8.0.1-150400.5.23.1 Fixed Version: 8.0.1-150400.5.26.1 This update for curl fixes the following issues: - CVE-2023-32001: Fixed TOCTOU race condition (bsc#1213237). |
||
curl | MEDIUM | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2023:4659-1 Installed Version: 8.0.1-150400.5.23.1 Fixed Version: 8.0.1-150400.5.36.1 This update for curl fixes the following issues: - CVE-2023-46218: Fixed cookie mixed case PSL bypass (bsc#1217573). - CVE-2023-46219: HSTS long file name clears contents (bsc#1217574). |
||
curl | MEDIUM | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2024:1151-2 Installed Version: 8.0.1-150400.5.23.1 Fixed Version: 8.0.1-150400.5.44.1 This update for curl fixes the following issues: - CVE-2024-2004: Fix the uUsage of disabled protocol logic. (bsc#1221665) - CVE-2024-2398: Fix HTTP/2 push headers memory-leak. (bsc#1221667) |
||
git-core | HIGH | fixed |
Security update for git Vulnerability ID: SUSE-SU-2024:1807-1 Installed Version: 2.35.3-150300.10.27.1 Fixed Version: 2.35.3-150300.10.39.1 This update for git fixes the following issues: - CVE-2024-32002: Fixed recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion (bsc#1224168). - CVE-2024-32004: Fixed arbitrary code execution during local clones (bsc#1224170). - CVE-2024-32020: Fixed file overwriting vulnerability during local clones (bsc#1224171). - CVE-2024-32021: Fixed git may create hardlinks to arbitrary user-readable files (bsc#1224172). - CVE-2024-32465: Fixed arbitrary code execution during clone operations (bsc#1224173). |
||
glibc | HIGH | fixed |
Security update for glibc Vulnerability ID: SUSE-SU-2024:1375-1 Installed Version: 2.31-150300.46.1 Fixed Version: 2.31-150300.74.1 This update for glibc fixes the following issues: - iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961, bsc#1222992) |