Vulnerability Scan Report for registry.suse.com/bci/bci-init:15.3.9.13
Systemd environment for containers based on the SLE Base Container Image. This container is only supported with podman.
Last scanned on: September 24, 2024 15:22
Systemd environment for containers based on the SLE Base Container Image. This container is only supported with podman.
Last scanned on: September 24, 2024 15:22
Package Name | Severity | Status | Description | Reference links | |
---|---|---|---|---|---|
container-suseconnect | UNKNOWN | fixed |
Security update for container-suseconnect Vulnerability ID: SUSE-SU-2023:4511-1 Installed Version: 2.3.0-4.17.1 Fixed Version: 2.4.0-150000.4.44.1 This update of container-suseconnect fixes the following issues: - rebuild the package with the go 1.21 security release (bsc#1212475). |
||
container-suseconnect | UNKNOWN | fixed |
Security update for container-suseconnect Vulnerability ID: SUSE-SU-2023:4807-1 Installed Version: 2.3.0-4.17.1 Fixed Version: 2.4.0-150000.4.46.1 This update of container-suseconnect fixes the following issues: - rebuild the package with the go 1.21 security release (bsc#1212475). |
||
cpio | LOW | fixed |
Security update for cpio Vulnerability ID: SUSE-SU-2024:0824-1 Installed Version: 2.12-3.9.1 Fixed Version: 2.12-150000.3.12.1 This update for cpio fixes the following issues: - CVE-2023-7207: Fixed path traversal vulnerability (bsc#1218571, bsc#1219238) |
||
dbus-1 | MEDIUM | fixed |
Security update for dbus-1 Vulnerability ID: SUSE-SU-2022:3805-1 Installed Version: 1.12.2-8.11.2 Fixed Version: 1.12.2-150100.8.14.1 This update for dbus-1 fixes the following issues: - CVE-2022-42010: Fixed potential crash that could be triggered by an invalid signature (bsc#1204111). - CVE-2022-42011: Fixed an out of bounds read caused by a fixed length array (bsc#1204112). - CVE-2022-42012: Fixed a use-after-free that could be trigged by a message in non-native endianness with out-of-band Unix file descriptor (bsc#1204113). Bugfixes: - Disable asserts (bsc#1087072). |
||
dbus-1 | MEDIUM | fixed |
Security update for dbus-1 Vulnerability ID: SUSE-SU-2023:2879-1 Installed Version: 1.12.2-8.11.2 Fixed Version: 1.12.2-150100.8.17.1 This update for dbus-1 fixes the following issues: - CVE-2023-34969: Fixed a possible dbus-daemon crash by an unprivileged users (bsc#1212126). |