DevGuard Logo

🛡️ DevGuard
Group
/🧩 DevGuard CI-Components
Repository

Overview
Compliance
Artifacts
Code Risks
Dependency Risks
License Risks
Dependencies

CVE-2024-7592

There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resources being used while parsing the value.

Open
MEDIUM (4.3)
  • T

    Tim Bastin detected CVE-2024-7592 with a risk of 3.45

    main
  • T

    Tim Bastin fixed CVE-2024-7592

    main
  • T

    Tim Bastin detected CVE-2024-7592 with a risk of 3.45

    main
  • logo

    System updated the risk assessment to 1.72

    main

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment to 3.45

    main

    System recalculated raw risk assessment

  • T

    Tim Bastin detected CVE-2024-7592 with a risk of 3.45

    0.8.2
  • T

    Tim Bastin detected CVE-2024-7592 with a risk of 3.45

    HEAD
  • logo

    System updated the risk assessment to 1.72

    HEAD

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment to 1.72

    0.8.2

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment to 1.72

    main

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.72 to 0.86

    main

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 0.86 to 1.72

    main

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.72 to 3.45

    0.8.2

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.72 to 3.45

    HEAD

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.72 to 3.45

    main

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 3.45 to 1.72

    main

    System recalculated raw risk assessment

  • logo

    System

    main
  • logo

    System fixed CVE-2024-7592

    main
  • logo

    System

    0.9.0
  • logo

    System detected CVE-2024-7592 with a risk of 1.72

    main
  • logo

    System

    0.9.0
  • logo

    System

    main
  • logo

    System fixed CVE-2024-7592

    main
  • logo

    System

    0.9.0
  • logo

    System detected CVE-2024-7592 with a risk of 1.72

    main
  • T

    Tim Bastin detected CVE-2024-7592 with a risk of 1.72

    add-first-party-scan-to-gitlap-pipeline
  • T

    Tim Bastin detected CVE-2024-7592 with a risk of 1.72

    add-jobs-tags
  • T

    Tim Bastin detected CVE-2024-7592 with a risk of 1.72

    0.11.1
  • T

    Tim Bastin detected CVE-2024-7592 with a risk of 1.72

    feautre/sarif-sbom-upload-components
  • logo

    System updated the risk assessment from 3.45 to 1.72

    chore/adds-additional-env-flags

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 3.45 to 1.72

    attest

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 3.45 to 1.72

    examples

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 3.45 to 1.72

    examples

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 3.45 to 1.72

    examples

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 3.45 to 1.72

    examples

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 3.45 to 1.72

    examples

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 3.45 to 1.72

    examples

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 3.45 to 1.72

    fix-attest.yaml

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 3.45 to 1.72

    fix-attest.yaml

    System recalculated raw risk assessment

  • logo

    System

    add/artifact-name-input
  • logo

    System

    add/artifact-name-input
  • logo

    System

    add/artifact-name-input
  • logo

    System

    add/artifact-name-input
  • T

    Tim Bastin fixed CVE-2024-7592

    main
  • logo

    System updated the risk assessment from 1.72 to 3.45

    main

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 3.45 to 1.72

    add/artifact-name-input

    System recalculated raw risk assessment

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    revert-c7057e5e

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 3.45 to 4.25

    main

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    add/artifact-name-input

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 3.45 to 4.25

    0.8.2

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    chore/adds-additional-env-flags

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    0.9.0

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    0.12.0

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    0.11.1

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    feautre/sarif-sbom-upload-components

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    attest

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    add-first-party-scan-to-gitlap-pipeline

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    fix-attest.yaml

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    add-jobs-tags

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 3.45 to 4.25

    HEAD

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    examples

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • logo

    System updated the risk assessment from 2.12 to 2.13

    0.11.1

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 4.25 to 4.26

    0.8.2

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 2.13

    revert-c7057e5e

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 4.25 to 4.26

    main

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 2.13

    0.12.0

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 2.13

    0.9.0

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 2.13

    chore/adds-additional-env-flags

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 2.13

    add-first-party-scan-to-gitlap-pipeline

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 4.25 to 4.26

    HEAD

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 2.13

    add/artifact-name-input

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 2.13

    add-jobs-tags

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 2.13

    examples

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 2.13

    attest

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 2.13

    fix-attest.yaml

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 2.13

    feautre/sarif-sbom-upload-components

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.13 to 4.26

    add/artifact-name-input

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.13 to 4.26

    0.11.1

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.13 to 4.26

    0.9.0

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.13 to 4.26

    revert-c7057e5e

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.13 to 4.26

    chore/adds-additional-env-flags

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.13 to 4.26

    add-first-party-scan-to-gitlap-pipeline

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 4.26 to 2.13

    HEAD

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.13 to 4.26

    add-jobs-tags

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.13 to 4.26

    0.12.0

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 4.26 to 2.13

    0.8.2

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.13 to 4.26

    examples

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.13 to 4.26

    attest

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.13 to 4.26

    fix-attest.yaml

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.13 to 4.26

    feautre/sarif-sbom-upload-components

    System recalculated raw risk assessment

  • logo

    System fixed CVE-2024-7592

    add/artifact-name-input
  • logo

    System fixed CVE-2024-7592

    attest
  • logo

    System fixed CVE-2024-7592

    0.11.1
  • logo

    System fixed CVE-2024-7592

    examples
  • logo

    System fixed CVE-2024-7592

    0.9.0
  • logo

    System fixed CVE-2024-7592

    chore/adds-additional-env-flags
  • logo

    System fixed CVE-2024-7592

    revert-c7057e5e
  • logo

    System fixed CVE-2024-7592

    0.12.0
  • logo

    System fixed CVE-2024-7592

    add-jobs-tags
  • logo

    System fixed CVE-2024-7592

    fix-attest.yaml
  • logo

    System fixed CVE-2024-7592

    feautre/sarif-sbom-upload-components
  • logo

    System fixed CVE-2024-7592

    add-first-party-scan-to-gitlap-pipeline
  • logo

    System fixed CVE-2024-7592

    0.8.2
  • logo

    System fixed CVE-2024-7592

    HEAD
  • logo

    System fixed CVE-2024-7592

    main
  • logo

    System detected CVE-2024-7592 with a risk of 2.13

    add/artifact-name-input
  • logo

    System updated the risk assessment from 2.13 to 4.26

    HEAD

    System recalculated raw risk assessment

Add a comment

Mark as False Positive
Last calculated at:

Affected component

debian/python3.11

Installed version:
3.11.2-6
Fixed in:
no patch available
Show in dependency graph

Management decisions across the organization

GitHubImprintTerms of UsePrivacy
Copyright © 2025 L3montree GmbH and the DevGuard Contributors. All rights reserved. Version 2ab7b793efd72421aea8c3a994ac60202bf1b3a5