Vulnerability Scan Report for registry.suse.com/bci/php-fpm:8.2.20
PHP-FPM 8 container based on the SLE Base Container Image.
registry.suse.com/bci/php-fpm:8.2.20
Last scanned on: June 25, 2025 21:02
PHP-FPM 8 container based on the SLE Base Container Image.
Last scanned on: June 25, 2025 21:02
| Package Name | Severity | Status | Description | Reference links | |
|---|---|---|---|---|---|
| glibc | LOW | fixed |
Security update for glibc Vulnerability ID: SUSE-SU-2025:0582-1 Installed Version: 2.38-150600.14.11.2 Fixed Version: 2.38-150600.14.23.1 This update for glibc fixes the following issues: - CVE-2025-0395: Fix underallocation of abort_msg_s struct (bsc#1236282) |
||
| krb5 | MEDIUM | fixed |
Security update for crypto-policies, krb5 Vulnerability ID: SUSE-SU-2025:0401-1 Installed Version: 1.20.1-150600.11.3.1 Fixed Version: 1.20.1-150600.11.8.1 This update for crypto-policies and krb5 fixes the following issues: Security issue fixed: - CVE-2025-24528: Fixed out-of-bounds write caused by overflow when calculating ulog block size can lead to process crash (bsc#1236619). Feature addition: - Add crypto-policies support; (jsc#PED-12018) * The default krb5.conf has been updated to include config snippets in the krb5.conf.d directory, where crypto-policies drops its. - Allow to use KRB5KDF in FIPS mode; (jsc#PED-12018); * This key derivation function is used by AES256-CTS-HMAC-SHA1-96 and AES128-CTS-HMAC-SHA1-96 encryption types, used by Active directory. If these encryption types are allowed or not in FIPS mode is enforced now by the FIPS:AD-SUPPORT subpolicy. |
||
| libapparmor1 | MEDIUM | fixed |
Security update for apparmor Vulnerability ID: SUSE-SU-2025:1511-1 Installed Version: 3.1.7-150600.3.1 Fixed Version: 3.1.7-150600.5.9.1 This update for apparmor fixes the following issues: - Add dac_read_search capability for unix_chkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. (bsc#1241678) |
||
| libapparmor1 | UNKNOWN | fixed |
Security update for apparmor Vulnerability ID: SUSE-SU-2025:1134-1 Installed Version: 3.1.7-150600.3.1 Fixed Version: 3.1.7-150600.5.3.2 This update for apparmor fixes the following issue: - Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin (bsc#1234452). |
||
| libaugeas0 | LOW | fixed |
Security update for augeas Vulnerability ID: SUSE-SU-2025:1534-1 Installed Version: 1.14.1-150600.1.3 Fixed Version: 1.14.1-150600.3.3.1 This update for augeas fixes the following issues: - CVE-2025-2588: Check for NULL pointers when calling re_case_expand in function fa_expand_nocase. (bsc#1239909) |
||