DevGuard Logo

🛡️ DevGuard
Group
/🧩 DevGuard CI-Components
Repository

Overview
Compliance
Artifacts
Code Risks
Dependency Risks
License Risks
Dependencies

CVE-2024-6923

There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized.

Open
LOW (3.0)
  • T

    Tim Bastin detected CVE-2024-6923 with a risk of 2.54

    main
  • T

    Tim Bastin fixed CVE-2024-6923

    main
  • T

    Tim Bastin detected CVE-2024-6923 with a risk of 2.54

    main
  • logo

    System updated the risk assessment to 1.27

    main

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment to 2.54

    main

    System recalculated raw risk assessment

  • T

    Tim Bastin detected CVE-2024-6923 with a risk of 2.54

    0.8.2
  • T

    Tim Bastin detected CVE-2024-6923 with a risk of 2.54

    HEAD
  • logo

    System updated the risk assessment to 1.27

    0.8.2

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment to 1.27

    HEAD

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment to 1.27

    main

    System recalculated raw risk assessment

  • T

    Tim Bastin detected CVE-2024-6923 with a risk of 0.85

    0.9.0
  • logo

    System updated the risk assessment from 1.27 to 0.63

    main

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 0.85 to 0.63

    0.9.0

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 0.63 to 1.27

    main

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.27 to 2.54

    0.8.2

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 0.63 to 1.27

    0.9.0

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.27 to 2.54

    HEAD

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.27 to 2.54

    main

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.54 to 1.27

    main

    System recalculated raw risk assessment

  • logo

    System

    main
  • logo

    System fixed CVE-2024-6923

    main
  • logo

    System

    0.9.0
  • logo

    System detected CVE-2024-6923 with a risk of 1.27

    main
  • logo

    System

    0.9.0
  • logo

    System

    main
  • logo

    System fixed CVE-2024-6923

    main
  • logo

    System

    0.9.0
  • logo

    System detected CVE-2024-6923 with a risk of 1.27

    main
  • T

    Tim Bastin detected CVE-2024-6923 with a risk of 1.27

    add-first-party-scan-to-gitlap-pipeline
  • T

    Tim Bastin detected CVE-2024-6923 with a risk of 1.27

    add-jobs-tags
  • T

    Tim Bastin detected CVE-2024-6923 with a risk of 1.27

    0.11.1
  • T

    Tim Bastin detected CVE-2024-6923 with a risk of 1.27

    feautre/sarif-sbom-upload-components
  • logo

    System updated the risk assessment from 0.63 to 1.27

    chore/adds-additional-env-flags

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 0.63 to 1.27

    chore/adds-additional-env-flags

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 0.63 to 1.27

    attest

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.27 to 2.54

    attest

    System recalculated raw risk assessment

  • T

    Tim Bastin

    examples
  • logo

    System updated the risk assessment from 2.54 to 1.27

    examples

    System recalculated raw risk assessment

  • logo

    System

    attest
  • logo

    System updated the risk assessment from 2.54 to 1.27

    attest

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.27 to 2.54

    fix-attest.yaml

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.27 to 2.54

    fix-attest.yaml

    System recalculated raw risk assessment

  • logo

    System

    fix-attest.yaml
  • logo

    System updated the risk assessment from 2.54 to 1.27

    fix-attest.yaml

    System recalculated raw risk assessment

  • T

    Tim Bastin fixed CVE-2024-6923

    main
  • logo

    System

    add/artifact-name-input
  • logo

    System

    add/artifact-name-input
  • logo

    System updated the risk assessment from 1.27 to 2.54

    main

    System recalculated raw risk assessment

  • S

    Sebastian Kawelke updated the risk assessment from 1.27 to 1.37

    revert-c7057e5e

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.27 to 1.37

    add-first-party-scan-to-gitlap-pipeline

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.27 to 1.37

    fix-attest.yaml

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.27 to 1.37

    examples

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 2.54 to 2.75

    0.8.2

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.27 to 1.37

    attest

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.27 to 1.37

    chore/adds-additional-env-flags

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.27 to 1.37

    add/artifact-name-input

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 2.54 to 2.75

    main

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.27 to 1.37

    0.11.1

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.27 to 1.37

    0.9.0

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.27 to 1.37

    add-jobs-tags

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.27 to 1.37

    0.12.0

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.27 to 1.37

    feautre/sarif-sbom-upload-components

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 2.54 to 2.75

    HEAD

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 2.75 to 3.05

    HEAD

    Confidentiality Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.37 to 1.52

    attest

    Confidentiality Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.37 to 1.52

    add-first-party-scan-to-gitlap-pipeline

    Confidentiality Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.37 to 1.52

    fix-attest.yaml

    Confidentiality Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.37 to 1.52

    examples

    Confidentiality Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.37 to 1.52

    chore/adds-additional-env-flags

    Confidentiality Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.37 to 1.52

    add/artifact-name-input

    Confidentiality Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.37 to 1.52

    0.11.1

    Confidentiality Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 2.75 to 3.05

    0.8.2

    Confidentiality Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.37 to 1.52

    0.9.0

    Confidentiality Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.37 to 1.52

    add-jobs-tags

    Confidentiality Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.37 to 1.52

    0.12.0

    Confidentiality Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.37 to 1.52

    feautre/sarif-sbom-upload-components

    Confidentiality Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.37 to 1.52

    revert-c7057e5e

    Confidentiality Requirement updated: low -> high

  • S

    Sebastian Kawelke updated the risk assessment from 2.75 to 3.05

    main

    Confidentiality Requirement updated: low -> high

  • logo

    System updated the risk assessment from 1.52 to 3.05

    add/artifact-name-input

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.52 to 3.05

    0.11.1

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.52 to 3.05

    0.9.0

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.52 to 3.05

    revert-c7057e5e

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.52 to 3.05

    chore/adds-additional-env-flags

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.52 to 3.05

    add-first-party-scan-to-gitlap-pipeline

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 3.05 to 1.52

    HEAD

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.52 to 3.05

    add-jobs-tags

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.52 to 3.05

    0.12.0

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 3.05 to 1.52

    0.8.2

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.52 to 3.05

    examples

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.52 to 3.05

    attest

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.52 to 3.05

    fix-attest.yaml

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.52 to 3.05

    feautre/sarif-sbom-upload-components

    System recalculated raw risk assessment

  • logo

    System fixed CVE-2024-6923

    add/artifact-name-input
  • logo

    System fixed CVE-2024-6923

    attest
  • logo

    System fixed CVE-2024-6923

    0.11.1
  • logo

    System fixed CVE-2024-6923

    examples
  • logo

    System fixed CVE-2024-6923

    0.9.0
  • logo

    System fixed CVE-2024-6923

    chore/adds-additional-env-flags
  • logo

    System fixed CVE-2024-6923

    revert-c7057e5e
  • logo

    System fixed CVE-2024-6923

    0.12.0
  • logo

    System fixed CVE-2024-6923

    add-jobs-tags
  • logo

    System fixed CVE-2024-6923

    fix-attest.yaml
  • logo

    System fixed CVE-2024-6923

    feautre/sarif-sbom-upload-components
  • logo

    System fixed CVE-2024-6923

    add-first-party-scan-to-gitlap-pipeline
  • logo

    System fixed CVE-2024-6923

    0.8.2
  • logo

    System fixed CVE-2024-6923

    HEAD
  • logo

    System fixed CVE-2024-6923

    main
  • logo

    System detected CVE-2024-6923 with a risk of 1.52

    add/artifact-name-input
  • logo

    System updated the risk assessment from 1.52 to 3.05

    HEAD

    System recalculated raw risk assessment

Add a comment

Mark as False Positive
Last calculated at:

Affected component

debian/python3.11

Installed version:
3.11.2-6
Fixed in:
no patch available
Show in dependency graph

Management decisions across the organization

GitHubImprintTerms of UsePrivacy
Copyright © 2025 L3montree GmbH and the DevGuard Contributors. All rights reserved. Version 2ab7b793efd72421aea8c3a994ac60202bf1b3a5