Vulnerability Scan Report for registry.suse.com/suse/sle15:15.2.9.5.326
Image containing a minimal environment for containers based on SUSE Linux Enterprise Server 15 SP2.
Last scanned on: June 05, 2025 03:01

Image containing a minimal environment for containers based on SUSE Linux Enterprise Server 15 SP2.
Last scanned on: June 05, 2025 03:01
Package Name | Severity | Status | Description | Reference links | |
---|---|---|---|---|---|
libxml2-2 | HIGH | fixed |
Security update for libxml2 Vulnerability ID: SUSE-SU-2024:0461-2 Installed Version: 2.9.7-150000.3.57.1 Fixed Version: 2.9.7-150000.3.66.1 This update for libxml2 fixes the following issues: - CVE-2024-25062: Fixed use-after-free in XMLReader (bsc#1219576). |
||
libxml2-2 | MEDIUM | fixed |
Security update for libxml2 Vulnerability ID: SUSE-SU-2023:3698-1 Installed Version: 2.9.7-150000.3.57.1 Fixed Version: 2.9.7-150000.3.60.1 This update for libxml2 fixes the following issues: - CVE-2023-39615: Fixed crafted xml can cause global buffer overflow (bsc#1214768). |
||
libzypp | MEDIUM | fixed |
Recommended update for libzypp, zypper, PackageKit Vulnerability ID: SUSE-RU-2024:1202-1 Installed Version: 17.31.14-150200.70.1 Fixed Version: 17.32.2-150200.92.3 This update for libzypp, zypper, PackageKit fixes the following issues: - Fixup New VendorSupportOption flag VendorSupportSuperseded (jsc#OBS-301, jsc#PED-8014) - CVE-2024-0217: Check that Finished signal is emitted at most once (bsc#1218544) - Add resolver option 'removeOrphaned' for distupgrade (bsc#1221525) - New VendorSupportOption flag VendorSupportSuperseded (jsc#OBS-301, jsc#PED-8014) - Add default stripe minimum - Don't expose std::optional where YAST/PK explicitly use c++11. - Digest: Avoid using the deprecated OPENSSL_config - version 17.32.0 - ProblemSolution::skipsPatchesOnly overload to handout the patches - Show active dry-run/download-only at the commit propmpt - Add --skip-not-applicable-patches option - Fix printing detailed solver problem description - Fix bash-completion to work with right adjusted numbers in the 1st column too - Set libzypp shutdown request signal on Ctrl+C - In the detailed view show all baseurls not just the first one (bsc#1218171) |
||
openssl-1_1 | HIGH | fixed |
Security update for openssl-1_1 Vulnerability ID: SUSE-SU-2024:2035-1 Installed Version: 1.1.1d-150200.11.72.1 Fixed Version: 1.1.1d-150200.11.91.1 This update for openssl-1_1 fixes the following issues: - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551) |
||
openssl-1_1 | MEDIUM | fixed |
Security update for openssl-1_1 Vulnerability ID: SUSE-SU-2023:3291-2 Installed Version: 1.1.1d-150200.11.72.1 Fixed Version: 1.1.1d-150200.11.75.1 This update for openssl-1_1 fixes the following issues: - CVE-2023-3817: Fixed a potential DoS due to excessive time spent checking DH q parameter value. (bsc#1213853) |