Vulnerability Scan Report for registry.suse.com/bci/bci-init:15.5.14.35
Systemd environment for containers based on the SLE Base Container Image. This container is only supported with podman.
Last scanned on: September 10, 2024 09:30
Systemd environment for containers based on the SLE Base Container Image. This container is only supported with podman.
Last scanned on: September 10, 2024 09:30
Package Name | Severity | Status | Description | Reference links | |
---|---|---|---|---|---|
libncurses6 | LOW | fixed |
Security update for ncurses Vulnerability ID: SUSE-SU-2024:1133-1 Installed Version: 6.1-150000.5.20.1 Fixed Version: 6.1-150000.5.24.1 This update for ncurses fixes the following issues: - CVE-2023-45918: Fixed NULL pointer dereference via corrupted xterm-256color file (bsc#1220061). |
||
libnghttp2-14 | HIGH | fixed |
Security update for nghttp2 Vulnerability ID: SUSE-SU-2024:1167-1 Installed Version: 1.40.0-150200.12.1 Fixed Version: 1.40.0-150200.17.1 This update for nghttp2 fixes the following issues: - CVE-2024-28182: Fixed denial of service via http/2 continuation frames (bsc#1221399) |
||
libopenssl1_1 | HIGH | fixed |
Security update for openssl-1_1 Vulnerability ID: SUSE-SU-2024:2051-1 Installed Version: 1.1.1l-150500.17.25.1 Fixed Version: 1.1.1l-150500.17.31.1 This update for openssl-1_1 fixes the following issues: - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551) |
||
libopenssl1_1 | MEDIUM | fixed |
Security update for openssl-1_1 Vulnerability ID: SUSE-SU-2024:1808-1 Installed Version: 1.1.1l-150500.17.25.1 Fixed Version: 1.1.1l-150500.17.28.2 This update for openssl-1_1 fixes the following issues: - CVE-2024-2511: Fixed unconstrained session cache growth in TLSv1.3 (bsc#1222548). |
||
libopenssl1_1 | MEDIUM | fixed |
Security update for openssl-1_1 Vulnerability ID: SUSE-SU-2024:2891-1 Installed Version: 1.1.1l-150500.17.25.1 Fixed Version: 1.1.1l-150500.17.34.1 This update for openssl-1_1 fixes the following issues: - CVE-2024-5535: Fixed a buffer overread in function SSL_select_next_proto() with an empty supported client protocols buffer (bsc#1227138) Other fixes: - Build with no-afalgeng (bsc#1226463) |