Vulnerability Scan Report for registry.suse.com/bci/openjdk-devel:17-28.3
OpenJDK 17 development container based on the SLE Base Container Image.
Last scanned on: January 06, 2025 20:53
OpenJDK 17 development container based on the SLE Base Container Image.
Last scanned on: January 06, 2025 20:53
Package Name | Severity | Status | Description | Reference links | |
---|---|---|---|---|---|
libcurl4 | MEDIUM | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2024:4359-1 Installed Version: 8.0.1-150400.5.44.1 Fixed Version: 8.0.1-150400.5.59.1 This update for curl fixes the following issues: - CVE-2024-11053: Fixed password leak in curl used for the first host to the followed-to host under certain circumstances (bsc#1234068) |
||
libexpat1 | MEDIUM | fixed |
Security update for expat Vulnerability ID: SUSE-SU-2024:3216-1 Installed Version: 2.4.4-150400.3.17.1 Fixed Version: 2.4.4-150400.3.22.1 This update for expat fixes the following issues: - CVE-2024-45492: integer overflow in function nextScaffoldPart. (bsc#1229932) - CVE-2024-45491: integer overflow in dtdCopy. (bsc#1229931) - CVE-2024-45490: negative length for XML_ParseBuffer not rejected. (bsc#1229930) |
||
libexpat1 | MEDIUM | fixed |
Security update for expat Vulnerability ID: SUSE-SU-2024:4035-1 Installed Version: 2.4.4-150400.3.17.1 Fixed Version: 2.4.4-150400.3.25.1 This update for expat fixes the following issues: - CVE-2024-50602: Fixed a denial of service via XML_ResumeParser (bsc#1232579). |
||
libglib-2_0-0 | HIGH | fixed |
Security update for glib2 Vulnerability ID: SUSE-SU-2024:4078-1 Installed Version: 2.70.5-150400.3.11.1 Fixed Version: 2.70.5-150400.3.17.1 This update for glib2 fixes the following issues: - CVE-2024-52533: Fixed a single byte buffer overflow (bsc#1233282). |
||
libglib-2_0-0 | LOW | fixed |
Security update for glib2 Vulnerability ID: SUSE-SU-2024:3086-1 Installed Version: 2.70.5-150400.3.11.1 Fixed Version: 2.70.5-150400.3.14.1 This update for glib2 fixes the following issues: - Fixed a possible use after free regression introduced by CVE-2024-34397 patch (bsc#1224044). |