Vulnerability Scan Report for registry.suse.com/bci/golang:1.20-2.18

Go 1.21 development container based on the SLE Base Container Image.

registry.suse.com/bci/golang:1.20-2.18

Last scanned on: May 19, 2025 05:56

Package Name	Severity	Status	Description	Reference links
procps	LOW	fixed	Security update for procps Vulnerability ID: SUSE-SU-2025:0741-1 Installed Version: 3.3.15-150000.7.28.1 Fixed Version: 3.3.17-150000.7.42.1 This update for procps fixes the following issues: - Integer overflow due to incomplete fix for CVE-2023-4016 can lead to segmentation fault in ps command when pid argument has a leading space (bsc#1236842, bsc#1214290).	CVE-2023-4016 SU-20250741-1 SUSE Bug#1214290 SUSE Bug#1236842 SUSE Mailing List [sle-security-updates] 2025-February#020453 SUSE Security Rating
rpm-ndb	MEDIUM	fixed	Security update for rpm Vulnerability ID: SUSE-SU-2024:1557-1 Installed Version: 4.14.3-150300.55.1 Fixed Version: 4.14.3-150400.59.16.1 This update for rpm fixes the following issues: Security fixes: - CVE-2021-3521: Fixed missing subkey binding signature checking (bsc#1191175) Other fixes: - accept more signature subpackets marked as critical (bsc#1218686) - backport limit support for the autopatch macro (bsc#1189495)	CVE-2021-3521 SU-20241557-1 SUSE Bug#1189495 SUSE Bug#1191175 SUSE Bug#1218686 SUSE Mailing List [sle-security-updates] 2024-May#018482 SUSE Security Rating
shadow	MEDIUM	fixed	Security update for shadow Vulnerability ID: SUSE-SU-2023:2066-1 Installed Version: 4.8.1-150400.10.3.1 Fixed Version: 4.8.1-150400.10.6.1 This update for shadow fixes the following issues: - CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn (bsc#1210507).	CVE-2023-29383 SU-20232066-1 SUSE Bug#1210507 SUSE Mailing List [sle-security-updates] 2023-April#014670 SUSE Security Rating
shadow	MEDIUM	fixed	Security update for shadow Vulnerability ID: SUSE-SU-2024:2658-1 Installed Version: 4.8.1-150400.10.3.1 Fixed Version: 4.8.1-150400.10.18.1 This update for shadow fixes the following issues: - CVE-2013-4235: Fixed a race condition when copying and removing directory trees (bsc#916845).	CVE-2013-4235 SU-20242658-1 SUSE Bug#916845 SUSE Mailing List [sle-updates] 2024-July#036190 SUSE Security Rating
shadow	LOW	fixed	Security update for shadow Vulnerability ID: SUSE-SU-2023:4024-1 Installed Version: 4.8.1-150400.10.3.1 Fixed Version: 4.8.1-150400.10.12.1 This update for shadow fixes the following issues: - CVE-2023-4641: Fixed potential password leak (bsc#1214806).	CVE-2023-4641 SU-20234024-1 SUSE Bug#1214806 SUSE Mailing List [sle-security-updates] 2023-October#016612 SUSE Security Rating