Vulnerability Scan Report for registry.suse.com/bci/golang:1.21
Go 1.21 development container based on the SLE Base Container Image.
Last scanned on: June 13, 2025 20:23

Go 1.21 development container based on the SLE Base Container Image.
Last scanned on: June 13, 2025 20:23
Package Name | Severity | Status | Description | Reference links | |
---|---|---|---|---|---|
curl | MEDIUM | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2025:0369-1 Installed Version: 8.6.0-150600.4.3.1 Fixed Version: 8.6.0-150600.4.21.1 This update for curl fixes the following issues: - CVE-2025-0725: Fixed gzip integer overflow (bsc#1236590) - CVE-2025-0167: Fixed netrc and default credential leak (bsc#1236588) |
||
git-core | HIGH | fixed |
Security update for git Vulnerability ID: SUSE-SU-2025:0116-1 Installed Version: 2.43.0-150600.3.6.1 Fixed Version: 2.43.0-150600.3.9.1 This update for git fixes the following issues: - CVE-2024-50349: Passwords for trusted sites could be sent to untrusted sites (bsc#1235600). - CVE-2024-52006: Carriage Returns via the credential protocol to credential helpers (bsc#1235601). |
||
glibc | HIGH | fixed |
Security update for glibc Vulnerability ID: SUSE-SU-2025:01702-1 Installed Version: 2.38-150600.14.5.1 Fixed Version: 2.38-150600.14.32.1 This update for glibc fixes the following issues: - CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen search for libraries to load in LD_LIBRARY_PATH (bsc#1243317). |
||
glibc | LOW | fixed |
Security update for glibc Vulnerability ID: SUSE-SU-2025:0582-1 Installed Version: 2.38-150600.14.5.1 Fixed Version: 2.38-150600.14.23.1 This update for glibc fixes the following issues: - CVE-2025-0395: Fix underallocation of abort_msg_s struct (bsc#1236282) |
||
glibc-devel | HIGH | fixed |
Security update for glibc Vulnerability ID: SUSE-SU-2025:01702-1 Installed Version: 2.38-150600.14.5.1 Fixed Version: 2.38-150600.14.32.1 This update for glibc fixes the following issues: - CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen search for libraries to load in LD_LIBRARY_PATH (bsc#1243317). |