Lucene search
HistoryMar 05, 2024 - 11:15 p.m.
CVE-2024-24786
security
information security
cve-2024-24786
json
unmarshaling
nvd
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.
CNA Affected
[
{
"vendor": "google.golang.org/protobuf",
"product": "google.golang.org/protobuf/encoding/protojson",
"collectionURL": "https://pkg.go.dev",
"packageName": "google.golang.org/protobuf/encoding/protojson",
"versions": [
{
"version": "0",
"lessThan": "1.33.0",
"status": "affected",
"versionType": "semver"
}
],
"programRoutines": [
{
"name": "UnmarshalOptions.unmarshal"
},
{
"name": "Unmarshal"
},
{
"name": "UnmarshalOptions.Unmarshal"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "google.golang.org/protobuf",
"product": "google.golang.org/protobuf/internal/encoding/json",
"collectionURL": "https://pkg.go.dev",
"packageName": "google.golang.org/protobuf/internal/encoding/json",
"versions": [
{
"version": "0",
"lessThan": "1.33.0",
"status": "affected",
"versionType": "semver"
}
],
"programRoutines": [
{
"name": "Decoder.Read"
},
{
"name": "Decoder.Peek"
}
],
"defaultStatus": "unaffected"
}
]Related
cbl_mariner
cbl_mariner
nessus
nessus
RHEL 7 : rhc-worker-script (RHSA-2024:1874)
2024-04-18 00:00:00
RHEL 9 : buildah update (Moderate) (RHSA-2024:2550)
2024-04-30 00:00:00
Fedora 38 : kubernetes (2024-5bae6c0ea7)
2024-03-23 00:00:00
almalinux
almalinux
Moderate: buildah bug fix update
2024-04-30 00:00:00
Moderate: skopeo security and bug fix update
2024-04-30 00:00:00
Moderate: podman security and bug fix update
2024-04-30 00:00:00
osv
osv
Moderate: buildah bug fix update
2024-05-10 14:32:42
google-guest-agent, google-osconfig-agent vulnerability
2024-04-23 11:38:08
redhatcve
redhatcve
CVE-2024-24786
2024-03-06 07:12:54
openvas
openvas
Ubuntu: Security Advisory (USN-6746-2)
2024-06-26 00:00:00
Ubuntu: Security Advisory (USN-6746-1)
2024-04-24 00:00:00
Fedora: Security Advisory for kubernetes (FEDORA-2024-5bae6c0ea7)
2024-03-25 00:00:00
cvelist
cvelist
redhat
redhat
fedora
fedora
[SECURITY] Fedora 38 Update: kubernetes-1.26.15-1.fc38
2024-03-24 01:36:01
ubuntu
ubuntu
Google Guest Agent and Google OS Config Agent vulnerability
2024-06-25 00:00:00
Google Guest Agent and Google OS Config Agent vulnerability
2024-04-23 00:00:00
github
github
nvd
nvd
CVE-2024-24786
2024-03-05 23:15:07
alpinelinux
alpinelinux
CVE-2024-24786
2024-03-05 23:15:07
vulnrichment
vulnrichment
veracode
veracode
Infinite Loop
2024-04-02 06:02:07
debiancve
debiancve
CVE-2024-24786
2024-03-05 23:15:07
cgr
cgr
CVE-2024-24786 vulnerabilities
2024-05-19 03:07:16
oraclelinux
oraclelinux
buildah bug fix update
2024-05-07 00:00:00
skopeo security and bug fix update
2024-05-07 00:00:00
cri-o security update
2024-04-26 00:00:00
wolfi
wolfi
CVE-2024-24786 vulnerabilities
2024-07-01 09:08:36
rocky
rocky
buildah bug fix update
2024-05-10 14:32:42
skopeo security and bug fix update
2024-05-10 14:32:42
podman security and bug fix update
2024-05-10 14:32:42
ubuntucve
ubuntucve
CVE-2024-24786
2024-03-05 00:00:00
redos
redos
ROS-20240522-06
2024-05-22 00:00:00
prion
prion
Design/Logic Flaw
2024-03-05 23:15:00
amazon
amazon
Medium: amazon-cloudwatch-agent
2024-05-23 22:04:00
Medium: cri-tools
2024-06-06 20:17:00
