Parsing a corrupt or malicious image with invalid color indices can cause a
panic.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | golang-golang-x-image | < any | UNKNOWN |
ubuntu | 20.04 | noarch | golang-golang-x-image | < any | UNKNOWN |
ubuntu | 22.04 | noarch | golang-golang-x-image | < any | UNKNOWN |
ubuntu | 23.10 | noarch | golang-golang-x-image | < any | UNKNOWN |
ubuntu | 24.04 | noarch | golang-golang-x-image | < any | UNKNOWN |
github.com/advisories/GHSA-9phm-fm57-rhg8
github.com/golang/go/issues/67624
go-review.googlesource.com/c/image/+/588115
go.dev/cl/588115
go.dev/issue/67624
launchpad.net/bugs/cve/CVE-2024-24792
nvd.nist.gov/vuln/detail/CVE-2024-24792
pkg.go.dev/vuln/GO-2024-2937
security-tracker.debian.org/tracker/CVE-2024-24792
www.cve.org/CVERecord?id=CVE-2024-24792