Vulnerability Scan Report for registry.suse.com/suse/postgres:14-24.27
PostgreSQL 14 container based on the SLE Base Container Image.
Last scanned on: October 03, 2024 13:01
PostgreSQL 14 container based on the SLE Base Container Image.
Last scanned on: October 03, 2024 13:01
Package Name | Severity | Status | Description | Reference links | |
---|---|---|---|---|---|
postgresql14 | HIGH | fixed |
Security update for postgresql16 Vulnerability ID: SUSE-SU-2024:3169-1 Installed Version: 14.10-150200.5.36.1 Fixed Version: 14.13-150200.5.47.1 This update for postgresql16 fixes the following issues: - Upgrade to 14.13 (bsc#1229013) - CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL. (bsc#1229013) |
||
postgresql14-server | HIGH | fixed |
Security update for postgresql14 Vulnerability ID: SUSE-SU-2024:0552-1 Installed Version: 14.10-150200.5.36.1 Fixed Version: 14.11-150200.5.39.1 This update for postgresql14 fixes the following issues: Upgrade to 14.11: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY (bsc#1219679). |
||
postgresql14-server | HIGH | fixed |
Security update for postgresql16 Vulnerability ID: SUSE-SU-2024:3169-1 Installed Version: 14.10-150200.5.36.1 Fixed Version: 14.13-150200.5.47.1 This update for postgresql16 fixes the following issues: - Upgrade to 14.13 (bsc#1229013) - CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL. (bsc#1229013) |
||
rpm-ndb | MEDIUM | fixed |
Security update for rpm Vulnerability ID: SUSE-SU-2024:1557-1 Installed Version: 4.14.3-150400.59.3.1 Fixed Version: 4.14.3-150400.59.16.1 This update for rpm fixes the following issues: Security fixes: - CVE-2021-3521: Fixed missing subkey binding signature checking (bsc#1191175) Other fixes: - accept more signature subpackets marked as critical (bsc#1218686) - backport limit support for the autopatch macro (bsc#1189495) |
||
shadow | MEDIUM | fixed |
Security update for shadow Vulnerability ID: SUSE-SU-2024:2658-1 Installed Version: 4.8.1-150400.10.12.1 Fixed Version: 4.8.1-150400.10.18.1 This update for shadow fixes the following issues: - CVE-2013-4235: Fixed a race condition when copying and removing directory trees (bsc#916845). |