CVE-2024-52533 - HIGH severity - glib: buffer overflow in set_connect_msg() vulnerability in libglib2.0-0

CVE-2024-52533 - HIGH severity - glib: buffer overflow in set_connect_msg() vulnerability in libglib2.0-bin

CVE-2024-52533 - HIGH severity - glib: buffer overflow in set_connect_msg() vulnerability in libglib2.0-data

CVE-2024-7592 - HIGH severity - cpython: python: Uncontrolled CPU resource consumption when in http.cookies module vulnerability in libpython3.11-minimal

CVE-2024-7592 - HIGH severity - cpython: python: Uncontrolled CPU resource consumption when in http.cookies module vulnerability in libpython3.11-stdlib

CVE-2024-47745 - HIGH severity - kernel: mm: call the security_mmap_file() LSM hook in remap_file_pages() vulnerability in linux-libc-dev

CVE-2024-49861 - HIGH severity - kernel: bpf: Fix helper writes to read-only maps vulnerability in linux-libc-dev

CVE-2024-49996 - HIGH severity - kernel: cifs: Fix buffer overflow when parsing NFS reparse points vulnerability in linux-libc-dev

CVE-2024-50055 - HIGH severity - kernel: driver core: bus: Fix double free in driver API bus_register() vulnerability in linux-libc-dev

CVE-2024-50121 - HIGH severity - kernel: nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net vulnerability in linux-libc-dev

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Dockerfile not provided. Skipping sarif scan result.

CVE-2023-27043 - MEDIUM severity - python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple vulnerability in libpython3.11-minimal

CVE-2024-6923 - MEDIUM severity - cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection vulnerability in libpython3.11-minimal

CVE-2024-9287 - MEDIUM severity - python: Virtual environment (venv) activation scripts don't quote paths vulnerability in libpython3.11-minimal

CVE-2023-27043 - MEDIUM severity - python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple vulnerability in libpython3.11-stdlib

CVE-2024-6923 - MEDIUM severity - cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection vulnerability in libpython3.11-stdlib

CVE-2024-9287 - MEDIUM severity - python: Virtual environment (venv) activation scripts don't quote paths vulnerability in libpython3.11-stdlib

CVE-2022-49034 - MEDIUM severity - kernel: sh: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK vulnerability in linux-libc-dev

CVE-2023-52916 - MEDIUM severity - kernel: media: aspeed: Fix memory overwrite if timing is 1600x900 vulnerability in linux-libc-dev

CVE-2024-26595 - MEDIUM severity - kernel: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path vulnerability in linux-libc-dev

CVE-2024-11168 - LOW severity - python: Improper validation of IPv6 and IPvFuture addresses vulnerability in libpython3.11-minimal

CVE-2024-11168 - LOW severity - python: Improper validation of IPv6 and IPvFuture addresses vulnerability in libpython3.11-stdlib

CVE-2024-53161 - LOW severity - kernel: EDAC/bluefield: Fix potential integer overflow vulnerability in linux-libc-dev

CVE-2024-11168 - LOW severity - python: Improper validation of IPv6 and IPvFuture addresses vulnerability in python3.11