CVE-2021-23840 - HIGH severity - openssl: integer overflow in CipherUpdate vulnerability in libcrypto1.1

CVE-2021-3450 - HIGH severity - openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT vulnerability in libcrypto1.1

CVE-2021-23840 - HIGH severity - openssl: integer overflow in CipherUpdate vulnerability in libssl1.1

CVE-2021-3450 - HIGH severity - openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT vulnerability in libssl1.1

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Dockerfile not provided. Skipping sarif scan result.

CVE-2020-1971 - MEDIUM severity - openssl: EDIPARTYNAME NULL pointer de-reference vulnerability in libcrypto1.1

CVE-2021-23841 - MEDIUM severity - openssl: NULL pointer dereference in X509_issuer_and_serial_hash() vulnerability in libcrypto1.1

CVE-2021-3449 - MEDIUM severity - openssl: NULL pointer dereference in signature_algorithms processing vulnerability in libcrypto1.1

CVE-2020-1971 - MEDIUM severity - openssl: EDIPARTYNAME NULL pointer de-reference vulnerability in libssl1.1

CVE-2021-23841 - MEDIUM severity - openssl: NULL pointer dereference in X509_issuer_and_serial_hash() vulnerability in libssl1.1

CVE-2021-3449 - MEDIUM severity - openssl: NULL pointer dereference in signature_algorithms processing vulnerability in libssl1.1

CVE-2020-28928 - MEDIUM severity - In musl libc through 1.2.1, wcsnrtombs mishandles particular combinati ... vulnerability in musl

CVE-2020-28928 - MEDIUM severity - In musl libc through 1.2.1, wcsnrtombs mishandles particular combinati ... vulnerability in musl-utils

CVE-2021-23839 - LOW severity - openssl: incorrect SSLv2 rollback protection vulnerability in libcrypto1.1