Msrc Cbl2 Gh 2.13.0-24 On Cbl Mariner 2.0 vulnerabilities
3 known vulnerabilities affecting msrc/cbl2_gh_2.13.0-24_on_cbl_mariner_2.0.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2024-54132MEDIUMCVSS 6.32024-12-10
CVE-2024-54132 [MEDIUM] CWE-22 GitHub CLI allows downloading malicious GitHub Actions workflow artifact to result in path traversal vulnerability
GitHub CLI allows downloading malicious GitHub Actions workflow artifact to result in path traversal vulnerability
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the c
msrc
CVE-2024-53858MEDIUMCVSS 6.52024-11-12
CVE-2024-53858 [MEDIUM] CWE-200 Recursive repository cloning can leak authentication tokens to non-GitHub submodule hosts in the gh cli
Recursive repository cloning can leak authentication tokens to non-GitHub submodule hosts in the gh cli
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it
msrc
CVE-2021-43565HIGHCVSS 7.52022-09-13
CVE-2021-43565 [HIGH] The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Az
msrc