CVE-2024-0684

A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.

https://github.com/l3montree-dev/devguard-action/issues/153

Fixed

LOW (3.5)

System detected CVE-2024-0684 with a risk of 1.75
main
System created a ticket for CVE-2024-0684
main
Everything after this entry will be synced with the external system. The ticket can be found at https://github.com/l3montree-dev/devguard-action/issues/101
System detected CVE-2024-0684 on another ref: main
main
System created a ticket for CVE-2024-0684
main
Everything after this entry will be synced with the external system. The ticket can be found at undefined
System detected CVE-2024-0684 with scanner: container-scanning:test
main
S
Sebastian Kawelke updated the risk assessment from 1.75 to 3.35
main
Confidentiality Requirement updated: high -> low, Availability Requirement updated: low -> high
System updated the risk assessment from 3.35 to 3.45
main
System recalculated raw risk assessment
System removed scanner: container-scanning
main
System fixed CVE-2024-0684
main

Reopen this vulnerability

Comment will be synced with https://github.com/l3montree-dev/devguard-action/issues/153

Last calculated at:

Affected component

debian/coreutils

Installed version:

9.1-1

Fixed in:

no patch available

Show in dependency graph

/🛡️ DevGuard
Group
/🧩 DevGuard Action
Repository

CVE-2024-0684

Reopen this vulnerability

Affected component

Management decisions across the organization