changes to create demo on python-anywhere.com

[jaihind213]

No description provided.

[github-actions]

🔍 Vulnerabilities of jaihind213/radio-duck:0.1.3-0.9.0-0.3

📦 Image Reference jaihind213/radio-duck:0.1.3-0.9.0-0.3

digest	sha256:539e0129e8d6a245513874b9830cd5367bb3713723c5f420a49ecc52ecb7cf25
vulnerabilities
platform	linux/amd64
size	2.6 GB
packages	555

📦 Base Image ubuntu:22.04

also known as	jammy jammy-20240111 latest
digest	sha256:cb2af41f42b9c9bc9bcdc7cf1735e3c4b3d95b2137be86fd940373471a34c8b0
vulnerabilities

duckdb 0.9.0 (pypi) pkg:pypi/duckdb@0.9.0 Affected range <0.9.3.dev6 Fixed version 0.9.3.dev6 CVSS Score 9.8 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Description DuckDB <=0.9.2 and DuckDB extension-template <=0.9.2 are vulnerable to malicious extension injection via the custom extension feature.

duckdb 0.9.1.dev0+g0d84ccf.d20240127 (pypi) pkg:pypi/duckdb@0.9.1.dev0+g0d84ccf.d20240127 Affected range <0.9.3.dev6 Fixed version 0.9.3.dev6 CVSS Score 9.8 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Description DuckDB <=0.9.2 and DuckDB extension-template <=0.9.2 are vulnerable to malicious extension injection via the custom extension feature.

linux 5.15.0-92.102 (deb) pkg:deb/ubuntu/linux@5.15.0-92.102?os_distro=jammy&os_name=ubuntu&os_version=22.04 Affected range <5.15.0-97.107 Fixed version 5.15.0-97.107 CVSS Score 7.8 CVSS Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Description An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system. Affected range <5.15.0-97.107 Fixed version 5.15.0-97.107 CVSS Score 7 CVSS Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Description An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race condition. Affected range <5.15.0-94.104 Fixed version 5.15.0-94.104 CVSS Score 4.7 CVSS Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Description A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escalate their privileges on the system.

cryptography 42.0.1 (pypi) pkg:pypi/cryptography@42.0.1 NULL Pointer Dereference Affected range >=38.0.0 <42.0.4 Fixed version 42.0.4 CVSS Score 7.5 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Description If pkcs12.serialize_key_and_certificates is called with both: A certificate whose public key did not match the provided private key An encryption_algorithm with hmac_hash set (via PrivateFormat.PKCS12.encryption_builder().hmac_hash(...) Then a NULL pointer dereference would occur, crashing the Python process. This has been resolved, and now a ValueError is properly raised. Patched in pyca/cryptography#10423