Vulnerability Scan Report for registry.suse.com/bci/openjdk:17-16.40
OpenJDK 17 runtime container based on the SLE Base Container Image.
Last scanned on: December 01, 2024 13:20
OpenJDK 17 runtime container based on the SLE Base Container Image.
Last scanned on: December 01, 2024 13:20
Package Name | Severity | Status | Description | Reference links | |
---|---|---|---|---|---|
ca-certificates-mozilla | UNKNOWN | fixed |
Security update for ca-certificates-mozilla Vulnerability ID: SUSE-SU-2024:2869-1 Installed Version: 2.62-150200.30.1 Fixed Version: 2.68-150200.33.1 This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.68 state of Mozilla SSL root CAs (bsc#1227525) - Added: FIRMAPROFESIONAL CA ROOT-A WEB - Distrust: GLOBALTRUST 2020 - Updated to 2.66 state of Mozilla SSL root CAs (bsc#1220356) Added: - CommScope Public Trust ECC Root-01 - CommScope Public Trust ECC Root-02 - CommScope Public Trust RSA Root-01 - CommScope Public Trust RSA Root-02 - D-Trust SBR Root CA 1 2022 - D-Trust SBR Root CA 2 2022 - Telekom Security SMIME ECC Root 2021 - Telekom Security SMIME RSA Root 2023 - Telekom Security TLS ECC Root 2020 - Telekom Security TLS RSA Root 2023 - TrustAsia Global Root CA G3 - TrustAsia Global Root CA G4 Removed: - Autoridad de Certificacion Firmaprofesional CIF A62634068 - Chambers of Commerce Root - 2008 - Global Chambersign Root - 2008 - Security Communication Root CA - Symantec Class 1 Public Primary Certification Authority - G6 - Symantec Class 2 Public Primary Certification Authority - G6 - TrustCor ECA-1 - TrustCor RootCert CA-1 - TrustCor RootCert CA-2 - VeriSign Class 1 Public Primary Certification Authority - G3 - VeriSign Class 2 Public Primary Certification Authority - G3 |
||
container-suseconnect | MEDIUM | fixed |
Security update for container-suseconnect Vulnerability ID: SUSE-SU-2024:3360-1 Installed Version: 2.4.0-150000.4.50.2 Fixed Version: 2.5.0-150000.4.55.1 This update for container-suseconnect rebuilds it against current go1.21.13.1. Security issues fixed: CVE-2024-24789, CVE-2024-24790, CVE-2024-24791 |
||
curl | MEDIUM | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2024:3080-1 Installed Version: 8.0.1-150400.5.44.1 Fixed Version: 8.0.1-150400.5.47.1 This update for curl fixes the following issues: - CVE-2024-7264: Fixed out-of-bounds read in ASN.1 date parser GTime2str() (bsc#1228535) |
||
curl | MEDIUM | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2024:3211-1 Installed Version: 8.0.1-150400.5.44.1 Fixed Version: 8.0.1-150400.5.50.1 This update for curl fixes the following issues: - CVE-2024-8096: OCSP stapling bypass with GnuTLS. (bsc#1230093) |
||
curl | MEDIUM | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2024:3926-1 Installed Version: 8.0.1-150400.5.44.1 Fixed Version: 8.0.1-150400.5.56.1 This update for curl fixes the following issues: - CVE-2024-9681: Fixed HSTS subdomain overwrites parent cache entry (bsc#1232528) |