Vulnerability Scan Report for registry.suse.com/bci/bci-init:15.5.14.30
Systemd environment for containers based on the SLE Base Container Image. This container is only supported with podman.
Last scanned on: October 03, 2024 15:50
Systemd environment for containers based on the SLE Base Container Image. This container is only supported with podman.
Last scanned on: October 03, 2024 15:50
Package Name | Severity | Status | Description | Reference links | |
---|---|---|---|---|---|
libnghttp2-14 | HIGH | fixed |
Security update for nghttp2 Vulnerability ID: SUSE-SU-2024:1167-1 Installed Version: 1.40.0-150200.12.1 Fixed Version: 1.40.0-150200.17.1 This update for nghttp2 fixes the following issues: - CVE-2024-28182: Fixed denial of service via http/2 continuation frames (bsc#1221399) |
||
libopenssl1_1 | HIGH | fixed |
Security update for openssl-1_1 Vulnerability ID: SUSE-SU-2024:2051-1 Installed Version: 1.1.1l-150500.17.25.1 Fixed Version: 1.1.1l-150500.17.31.1 This update for openssl-1_1 fixes the following issues: - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551) |
||
libopenssl1_1 | MEDIUM | fixed |
Security update for openssl-1_1 Vulnerability ID: SUSE-SU-2024:1808-1 Installed Version: 1.1.1l-150500.17.25.1 Fixed Version: 1.1.1l-150500.17.28.2 This update for openssl-1_1 fixes the following issues: - CVE-2024-2511: Fixed unconstrained session cache growth in TLSv1.3 (bsc#1222548). |
||
libopenssl1_1 | MEDIUM | fixed |
Security update for openssl-1_1 Vulnerability ID: SUSE-SU-2024:2891-1 Installed Version: 1.1.1l-150500.17.25.1 Fixed Version: 1.1.1l-150500.17.34.1 This update for openssl-1_1 fixes the following issues: - CVE-2024-5535: Fixed a buffer overread in function SSL_select_next_proto() with an empty supported client protocols buffer (bsc#1227138) Other fixes: - Build with no-afalgeng (bsc#1226463) |
||
libopenssl1_1-hmac | HIGH | fixed |
Security update for openssl-1_1 Vulnerability ID: SUSE-SU-2024:2051-1 Installed Version: 1.1.1l-150500.17.25.1 Fixed Version: 1.1.1l-150500.17.31.1 This update for openssl-1_1 fixes the following issues: - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551) |