Vulnerability Scan Report for registry.suse.com/bci/bci-init:15.5.18.3

Systemd environment for containers based on the SLE Base Container Image. This container is only supported with podman.

registry.suse.com/bci/bci-init:15.5.18.3

Last scanned on: July 05, 2025 05:12

Package Name	Severity	Status	Description	Reference links
libexpat1	MEDIUM	fixed	Security update for expat Vulnerability ID: SUSE-SU-2024:4035-1 Installed Version: 2.4.4-150400.3.17.1 Fixed Version: 2.4.4-150400.3.25.1 This update for expat fixes the following issues: - CVE-2024-50602: Fixed a denial of service via XML_ResumeParser (bsc#1232579).	CVE-2024-50602 SU-20244035-1 SUSE Bug#1232579 SUSE Mailing List [sle-security-updates] 2024-November#019824 SUSE Security Rating
libglib-2_0-0	HIGH	fixed	Security update for glib2 Vulnerability ID: SUSE-SU-2024:4078-1 Installed Version: 2.70.5-150400.3.8.1 Fixed Version: 2.70.5-150400.3.17.1 This update for glib2 fixes the following issues: - CVE-2024-52533: Fixed a single byte buffer overflow (bsc#1233282).	CVE-2024-52533 SU-20244078-1 SUSE Bug#1233282 SUSE Mailing List [sle-security-updates] 2024-November#019854 SUSE Security Rating
libglib-2_0-0	LOW	fixed	Security update for glib2 Vulnerability ID: SUSE-SU-2024:1830-1 Installed Version: 2.70.5-150400.3.8.1 Fixed Version: 2.70.5-150400.3.11.1 This update for glib2 fixes the following issues: - CVE-2024-34397: Fixed signal subscription unicast spoofing vulnerability (bsc#1224044).	CVE-2024-34397 SU-20241830-1 SUSE Bug#1224044 SUSE Mailing List [sle-security-updates] 2024-May#018626 SUSE Security Rating
libglib-2_0-0	LOW	fixed	Security update for glib2 Vulnerability ID: SUSE-SU-2024:3086-1 Installed Version: 2.70.5-150400.3.8.1 Fixed Version: 2.70.5-150400.3.14.1 This update for glib2 fixes the following issues: - Fixed a possible use after free regression introduced by CVE-2024-34397 patch (bsc#1224044).	CVE-2024-34397 SU-20243086-1 SUSE Bug#1224044 SUSE Mailing List [sle-security-updates] 2024-September#019344 SUSE Security Rating
libopenssl1_1	HIGH	fixed	Security update for openssl-1_1 Vulnerability ID: SUSE-SU-2024:2051-1 Installed Version: 1.1.1l-150500.17.25.1 Fixed Version: 1.1.1l-150500.17.31.1 This update for openssl-1_1 fixes the following issues: - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551)	CVE-2024-4741 SU-20242051-1 SUSE Bug#1225551 SUSE Mailing List [sle-security-updates] 2024-June#018732 SUSE Security Rating