Vulnerability Scan Report for registry.suse.com/bci/php:8-11.3
PHP 8 container based on the SLE Base Container Image.
Last scanned on: July 23, 2024 06:10
![](/assets/images/containers-7e1f6ccbb2a74b9ca8542ef74aad5cfeb395762b.webp)
PHP 8 container based on the SLE Base Container Image.
Last scanned on: July 23, 2024 06:10
Package Name | Severity | Status | Description | Reference links | |
---|---|---|---|---|---|
libfdisk1 | HIGH | fixed |
Security update for util-linux Vulnerability ID: SUSE-SU-2024:1172-1 Installed Version: 2.37.4-150500.7.16 Fixed Version: 2.37.4-150500.9.6.1 This update for util-linux fixes the following issues: - CVE-2024-28085: Properly neutralize escape sequences in wall. (bsc#1221831) |
||
libglib-2_0-0 | LOW | fixed |
Security update for glib2 Vulnerability ID: SUSE-SU-2024:1830-1 Installed Version: 2.70.5-150400.3.8.1 Fixed Version: 2.70.5-150400.3.11.1 This update for glib2 fixes the following issues: - CVE-2024-34397: Fixed signal subscription unicast spoofing vulnerability (bsc#1224044). |
||
libgnutls30 | MEDIUM | fixed |
Security update for gnutls Vulnerability ID: SUSE-SU-2024:0638-1 Installed Version: 3.7.3-150400.4.38.1 Fixed Version: 3.7.3-150400.4.41.3 This update for gnutls fixes the following issues: - CVE-2024-0567: Fixed an incorrect rejection of certificate chains with distributed trust (bsc#1218862). - CVE-2024-0553: Fixed a timing attack against the RSA-PSK key exchange, which could lead to the leakage of sensitive data (bsc#1218865). |
||
libgnutls30 | MEDIUM | fixed |
Security update for gnutls Vulnerability ID: SUSE-SU-2024:1271-1 Installed Version: 3.7.3-150400.4.38.1 Fixed Version: 3.7.3-150400.4.44.1 This update for gnutls fixes the following issues: - CVE-2024-28834: Fixed side-channel in the deterministic ECDSA (bsc#1221746) - CVE-2024-28835: Fixed denial of service during certificate chain verification (bsc#1221747) Other fixes: - jitterentropy: Release the memory of the entropy collector when using jitterentropy with phtreads as there is also a pre-intitization done in the main thread (bsc#1221242) |
||
libgnutls30-hmac | MEDIUM | fixed |
Security update for gnutls Vulnerability ID: SUSE-SU-2024:0638-1 Installed Version: 3.7.3-150400.4.38.1 Fixed Version: 3.7.3-150400.4.41.3 This update for gnutls fixes the following issues: - CVE-2024-0567: Fixed an incorrect rejection of certificate chains with distributed trust (bsc#1218862). - CVE-2024-0553: Fixed a timing attack against the RSA-PSK key exchange, which could lead to the leakage of sensitive data (bsc#1218865). |