Vulnerability Scan Report for registry.suse.com/suse/postgres:14-21.20

PostgreSQL 15 container based on the SLE Base Container Image.

registry.suse.com/suse/postgres:14-21.20

Last scanned on: March 11, 2025 21:34

Package Name	Severity	Status	Description	Reference links
libblkid1	HIGH	fixed	Security update for util-linux Vulnerability ID: SUSE-SU-2024:1169-1 Installed Version: 2.37.2-150400.8.17.1 Fixed Version: 2.37.2-150400.8.29.1 This update for util-linux fixes the following issues: - CVE-2024-28085: Properly neutralize escape sequences in wall. (bsc#1221831)	CVE-2024-28085 SU-20241169-1 SUSE Bug#1207987 SUSE Bug#1220117 SUSE Bug#1221831 SUSE Mailing List [sle-updates] 2024-April#034905 SUSE Security Rating
libcap2	MEDIUM	fixed	Security update for libcap Vulnerability ID: SUSE-SU-2023:2765-1 Installed Version: 2.63-150400.1.7 Fixed Version: 2.63-150400.3.3.1 This update for libcap fixes the following issues: - CVE-2023-2602: Fixed improper memory release in libcap/psx/psx.c:__wrap_pthread_create() (bsc#1211418). - CVE-2023-2603: Fixed an integer overflow or wraparound in libcap/cap_alloc.c:_libcap_strdup() (bsc#1211419).	CVE-2023-2602 CVE-2023-2603 SU-20232765-1 SUSE Bug#1211418 SUSE Bug#1211419 SUSE Mailing List [sle-security-updates] 2023-July#015408 SUSE Security Rating
libcurl4	HIGH	fixed	Security update for curl Vulnerability ID: SUSE-SU-2023:3823-1 Installed Version: 8.0.1-150400.5.23.1 Fixed Version: 8.0.1-150400.5.29.1 This update for curl fixes the following issues: - CVE-2023-38039: Fixed possible DoS when receiving too large HTTP header. (bsc#1215026)	CVE-2023-38039 SU-20233823-1 SUSE Bug#1215026 SUSE Mailing List [sle-updates] 2023-September#031742 SUSE Security Rating
libcurl4	HIGH	fixed	Security update for curl Vulnerability ID: SUSE-SU-2023:4044-1 Installed Version: 8.0.1-150400.5.23.1 Fixed Version: 8.0.1-150400.5.32.1 This update for curl fixes the following issues: - CVE-2023-38545: Fixed a heap buffer overflow in SOCKS5. (bsc#1215888) - CVE-2023-38546: Fixed a cookie injection with none file. (bsc#1215889)	CVE-2023-38545 CVE-2023-38546 SU-20234044-1 SUSE Bug#1215888 SUSE Bug#1215889 SUSE Mailing List [sle-updates] 2023-October#032069 SUSE Security Rating
libcurl4	MEDIUM	fixed	Security update for curl Vulnerability ID: SUSE-SU-2023:2891-1 Installed Version: 8.0.1-150400.5.23.1 Fixed Version: 8.0.1-150400.5.26.1 This update for curl fixes the following issues: - CVE-2023-32001: Fixed TOCTOU race condition (bsc#1213237).	CVE-2023-32001 SU-20232891-1 SUSE Bug#1213237 SUSE Mailing List [sle-security-updates] 2023-July#015534 SUSE Security Rating