Vulnerability Scan Report for registry.suse.com/bci/php:8-11.3
PHP 8 container based on the SLE Base Container Image.
Last scanned on: July 23, 2024 06:10
![](/assets/images/containers-7e1f6ccbb2a74b9ca8542ef74aad5cfeb395762b.webp)
PHP 8 container based on the SLE Base Container Image.
Last scanned on: July 23, 2024 06:10
Package Name | Severity | Status | Description | Reference links | |
---|---|---|---|---|---|
libgnutls30-hmac | MEDIUM | fixed |
Security update for gnutls Vulnerability ID: SUSE-SU-2024:1271-1 Installed Version: 3.7.3-150400.4.38.1 Fixed Version: 3.7.3-150400.4.44.1 This update for gnutls fixes the following issues: - CVE-2024-28834: Fixed side-channel in the deterministic ECDSA (bsc#1221746) - CVE-2024-28835: Fixed denial of service during certificate chain verification (bsc#1221747) Other fixes: - jitterentropy: Release the memory of the entropy collector when using jitterentropy with phtreads as there is also a pre-intitization done in the main thread (bsc#1221242) |
||
libmount1 | HIGH | fixed |
Security update for util-linux Vulnerability ID: SUSE-SU-2024:1172-1 Installed Version: 2.37.4-150500.7.16 Fixed Version: 2.37.4-150500.9.6.1 This update for util-linux fixes the following issues: - CVE-2024-28085: Properly neutralize escape sequences in wall. (bsc#1221831) |
||
libncurses6 | LOW | fixed |
Security update for ncurses Vulnerability ID: SUSE-SU-2024:1133-1 Installed Version: 6.1-150000.5.20.1 Fixed Version: 6.1-150000.5.24.1 This update for ncurses fixes the following issues: - CVE-2023-45918: Fixed NULL pointer dereference via corrupted xterm-256color file (bsc#1220061). |
||
libnghttp2-14 | HIGH | fixed |
Security update for nghttp2 Vulnerability ID: SUSE-SU-2024:1167-1 Installed Version: 1.40.0-150200.12.1 Fixed Version: 1.40.0-150200.17.1 This update for nghttp2 fixes the following issues: - CVE-2024-28182: Fixed denial of service via http/2 continuation frames (bsc#1221399) |
||
libonig4 | MEDIUM | fixed |
Security update for oniguruma Vulnerability ID: SUSE-SU-2024:2401-1 Installed Version: 6.7.0-150000.3.3.1 Fixed Version: 6.7.0-150000.3.6.1 This update for oniguruma fixes the following issues: - CVE-2019-13225: Fixed null-pointer dereference in match_at() in regexec.c (bsc#1141157). |