Skip to content

Commit

Permalink
Assign IDs
Browse files Browse the repository at this point in the history
  • Loading branch information
github-actions committed Jun 27, 2024
1 parent 3345359 commit 93e2816
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 5 deletions.
2 changes: 1 addition & 1 deletion advisories/.id-allocator
Original file line number Diff line number Diff line change
@@ -1 +1 @@
874b9198900f2c90b5f0f8316e8e8878d6ef9f0fe118bc2c209e74b4d89a6d54
5c50e8a4079ddee726a69347a60227274e0ea1646e4788fafc117382f366691d
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
{
"modified": "2024-06-27T21:10:41Z",
"published": "2024-06-27T21:05:31Z",
"schema_version": "1.5.0",
"id": "PSF-0000-CVE-2024-5642",
"id": "PSF-2024-6",
"aliases": [
"CVE-2024-5642"
],
"published": "2024-06-27T21:05:31.281Z",
"modified": "2024-06-27T21:10:41.861Z",
"details": "CPython 3.9 and earlier doesn't disallow configuring an empty list (\"[]\") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used (see CVE-2024-5535 for OpenSSL). This vulnerability is of low severity due to NPN being not widely used and specifying an empty list likely being uncommon in-practice (typically a protocol name would be configured).",
"affected": [
{
Expand Down Expand Up @@ -46,4 +46,4 @@
"database_specific": {
"cwe_ids": []
}
}
}

0 comments on commit 93e2816

Please sign in to comment.