Vulnerability Scan Report for registry.suse.com/bci/bci-micro:15.4.18.2

A micro environment for containers based on the SLE Base Container Image.

registry.suse.com/bci/bci-micro:15.4.18.2

Last scanned on: July 07, 2025 09:52

Package Name	Severity	Status	Description	Reference links
glibc	MEDIUM	fixed	Security update for glibc Vulnerability ID: SUSE-SU-2023:1718-1 Installed Version: 2.31-150300.41.1 Fixed Version: 2.31-150300.46.1 This update for glibc fixes the following issues: Security issue fixed: - CVE-2023-0687: Fix allocated buffer overflow in gmon (bsc#1207975) Other issues fixed: - Fix avx2 strncmp offset compare condition check (bsc#1208358) - elf: Allow dlopen of filter object to work (bsc#1207571) - powerpc: Fix unrecognized instruction errors with recent GCC - x86: Cache computation for AMD architecture (bsc#1207957)	CVE-2023-0687 SU-20231718-1 SUSE Bug#1207571 SUSE Bug#1207957 SUSE Bug#1207975 SUSE Bug#1208358 SUSE Mailing List [sle-security-updates] 2023-March#014292 SUSE Security Rating
glibc	MEDIUM	fixed	Security update for glibc Vulnerability ID: SUSE-SU-2023:4110-1 Installed Version: 2.31-150300.41.1 Fixed Version: 2.31-150300.63.1 This update for glibc fixes the following issues: Security issue fixed: - CVE-2023-4813: Fixed a potential use-after-free in gaih_inet() (bsc#1215286, BZ #28931) Also a regression from a previous update was fixed: - elf: Align argument of __munmap to page size (bsc#1215891, BZ #28676)	CVE-2023-4813 SU-20234110-1 SUSE Bug#1215286 SUSE Bug#1215891 SUSE Mailing List [sle-security-updates] 2023-October#016723 SUSE Security Rating
glibc	LOW	fixed	Security update for glibc Vulnerability ID: SUSE-SU-2025:0562-1 Installed Version: 2.31-150300.41.1 Fixed Version: 2.31-150300.92.1 This update for glibc fixes the following issues: - CVE-2025-0395: Fix underallocation of abort_msg_s struct (bsc#1236282)	CVE-2025-0395 SU-20250562-1 SUSE Bug#1236282 SUSE Mailing List [sle-security-updates] 2025-February#020358 SUSE Security Rating
glibc	UNKNOWN	fixed	Security update for glibc Vulnerability ID: SUSE-SU-2024:0870-1 Installed Version: 2.31-150300.41.1 Fixed Version: 2.31-150300.68.1 This update for glibc fixes the following issues: Security issues fixed: - qsort: harden handling of degenerated / non transient compare function (bsc#1218866) Other issues fixed: - getaddrinfo: translate ENOMEM to EAI_MEMORY (bsc#1217589, BZ #31163) - aarch64: correct CFI in rawmemchr (bsc#1217445, BZ #31113)	SU-20240870-1 SUSE Bug#1217445 SUSE Bug#1217589 SUSE Bug#1218866 SUSE Mailing List [sle-security-updates] 2024-March#018164 SUSE Security Rating
libcap2	MEDIUM	fixed	Security update for libcap Vulnerability ID: SUSE-SU-2023:2765-1 Installed Version: 2.63-150400.1.7 Fixed Version: 2.63-150400.3.3.1 This update for libcap fixes the following issues: - CVE-2023-2602: Fixed improper memory release in libcap/psx/psx.c:__wrap_pthread_create() (bsc#1211418). - CVE-2023-2603: Fixed an integer overflow or wraparound in libcap/cap_alloc.c:_libcap_strdup() (bsc#1211419).	CVE-2023-2602 CVE-2023-2603 SU-20232765-1 SUSE Bug#1211418 SUSE Bug#1211419 SUSE Mailing List [sle-security-updates] 2023-July#015408 SUSE Security Rating