Vulnerability Scan Report for registry.suse.com/bci/php-fpm:8.2.24
PHP-FPM 8 container based on the SLE Base Container Image.
Last scanned on: February 04, 2025 10:31

PHP-FPM 8 container based on the SLE Base Container Image.
Last scanned on: February 04, 2025 10:31
Package Name | Severity | Status | Description | Reference links | |
---|---|---|---|---|---|
curl | MEDIUM | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2024:4288-1 Installed Version: 8.6.0-150600.4.12.1 Fixed Version: 8.6.0-150600.4.15.1 This update for curl fixes the following issues: - CVE-2024-11053: Fixed password leak used for the first host to the followed-to host under certain circumstances (bsc#1234068) |
||
libcurl4 | MEDIUM | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2024:4288-1 Installed Version: 8.6.0-150600.4.12.1 Fixed Version: 8.6.0-150600.4.15.1 This update for curl fixes the following issues: - CVE-2024-11053: Fixed password leak used for the first host to the followed-to host under certain circumstances (bsc#1234068) |
||
libglib-2_0-0 | HIGH | fixed |
Security update for glib2 Vulnerability ID: SUSE-SU-2024:4254-1 Installed Version: 2.78.6-150600.4.3.1 Fixed Version: 2.78.6-150600.4.8.1 This update for glib2 fixes the following issues: Security issues fixed: - CVE-2024-52533: Fix a single byte buffer overflow in set_connect_msg() (bsc#1233282). Non-security issue fixed: - Fix error when uninstalling packages (bsc#1231463). |
||
php8 | MEDIUM | fixed |
Security update for php8 Vulnerability ID: SUSE-SU-2024:4136-1 Installed Version: 8.2.24-150600.3.6.1 Fixed Version: 8.2.26-150600.3.9.1 This update for php8 fixes the following issues: - CVE-2024-11233: Single byte overread with convert.quoted-printable-decode filter (bsc#1233702). - CVE-2024-11234: Configuring a proxy in a stream context might allow for CRLF injection in URIs (bsc#1233703). - CVE-2024-8929: Leak partial content of the heap through heap buffer over-read (bsc#1233651). |
||
php8-cli | MEDIUM | fixed |
Security update for php8 Vulnerability ID: SUSE-SU-2024:4136-1 Installed Version: 8.2.24-150600.3.6.1 Fixed Version: 8.2.26-150600.3.9.1 This update for php8 fixes the following issues: - CVE-2024-11233: Single byte overread with convert.quoted-printable-decode filter (bsc#1233702). - CVE-2024-11234: Configuring a proxy in a stream context might allow for CRLF injection in URIs (bsc#1233703). - CVE-2024-8929: Leak partial content of the heap through heap buffer over-read (bsc#1233651). |