Lucene search
Redhat.comRH:CVE-2023-24535HistoryJun 14, 2023 - 9:15 a.m.
CVE-2023-24535
2023-06-1409:15:29
redhat.com
access.redhat.com
12
cve-2023-24535
golang implementation
protobuf protocol
parsing
text-format
panic
security flaw
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
34.1%
A flaw was found in the golang implementation of the protobuf protocol. This issue occurs when parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input, which will cause a panic.
Related
cgr
cgr
CVE-2023-24535 vulnerabilities
2024-05-19 03:07:16
osv
osv
Panic when parsing invalid messages in google.golang.org/protobuf
2023-03-14 16:47:00
google.golang.org/protobuf vulnerable to panic leading to denial of service
2023-03-14 23:01:50
CVE-2023-24535
2023-06-08 21:15:16
veracode
veracode
Denial Of Service (DoS)
2023-03-16 02:17:33
ubuntucve
ubuntucve
CVE-2023-24535
2023-06-08 00:00:00
debiancve
debiancve
CVE-2023-24535
2023-06-08 21:15:16
nessus
nessus
Google Protobuf Go Module 1.29 < 1.29.1 DoS
2023-04-12 00:00:00
ibm
ibm
nvd
nvd
CVE-2023-24535
2023-06-08 21:15:16
cve
cve
CVE-2023-24535
2023-06-08 21:15:16
prion
prion
Input validation
2023-06-08 21:15:00
cvelist
cvelist
github
github
google.golang.org/protobuf vulnerable to panic leading to denial of service
2023-03-14 23:01:50
wolfi
wolfi
CVE-2023-24535 vulnerabilities
2024-10-01 21:13:23
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
34.1%
Related for RH:CVE-2023-24535