Vulnerability Scan Report for registry.suse.com/bci/golang:1.18-19.12
Go 1.21 development container based on the SLE Base Container Image.
Last scanned on: November 02, 2024 05:33
Go 1.21 development container based on the SLE Base Container Image.
Last scanned on: November 02, 2024 05:33
Package Name | Severity | Status | Description | Reference links | |
---|---|---|---|---|---|
curl | HIGH | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2023:2224-1 Installed Version: 7.79.1-150400.5.12.1 Fixed Version: 8.0.1-150400.5.23.1 This update for curl adds the following feature: Update to version 8.0.1 (jsc#PED-2580) - CVE-2023-28319: use-after-free in SSH sha256 fingerprint check (bsc#1211230). - CVE-2023-28320: siglongjmp race condition (bsc#1211231). - CVE-2023-28321: IDN wildcard matching (bsc#1211232). - CVE-2023-28322: POST-after-PUT confusion (bsc#1211233). |
||
curl | HIGH | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2023:3823-1 Installed Version: 7.79.1-150400.5.12.1 Fixed Version: 8.0.1-150400.5.29.1 This update for curl fixes the following issues: - CVE-2023-38039: Fixed possible DoS when receiving too large HTTP header. (bsc#1215026) |
||
curl | HIGH | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2023:4044-1 Installed Version: 7.79.1-150400.5.12.1 Fixed Version: 8.0.1-150400.5.32.1 This update for curl fixes the following issues: - CVE-2023-38545: Fixed a heap buffer overflow in SOCKS5. (bsc#1215888) - CVE-2023-38546: Fixed a cookie injection with none file. (bsc#1215889) |
||
curl | MEDIUM | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2023:1582-1 Installed Version: 7.79.1-150400.5.12.1 Fixed Version: 7.79.1-150400.5.18.1 This update for curl fixes the following issues: - CVE-2023-27533: Fixed TELNET option IAC injection (bsc#1209209). - CVE-2023-27534: Fixed SFTP path ~ resolving discrepancy (bsc#1209210). - CVE-2023-27535: Fixed FTP too eager connection reuse (bsc#1209211). - CVE-2023-27536: Fixed GSS delegation too eager connection reuse (bsc#1209212). - CVE-2023-27538: Fixed SSH connection too eager reuse still (bsc#1209214). |
||
curl | MEDIUM | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2023:2891-1 Installed Version: 7.79.1-150400.5.12.1 Fixed Version: 8.0.1-150400.5.26.1 This update for curl fixes the following issues: - CVE-2023-32001: Fixed TOCTOU race condition (bsc#1213237). |