Lucene search
HistoryJun 27, 2024 - 6:15 p.m.
CVE-2024-24792
cve-2024-24792
parsing
corrupt images
golang
color indices
Parsing a corrupt or malicious image with invalid color indices can cause a panic.
CNA Affected
[
{
"vendor": "golang.org/x/image",
"product": "golang.org/x/image/tiff",
"collectionURL": "https://pkg.go.dev",
"packageName": "golang.org/x/image/tiff",
"versions": [
{
"version": "0",
"lessThan": "0.18.0",
"status": "affected",
"versionType": "semver"
}
],
"programRoutines": [
{
"name": "decoder.decode"
},
{
"name": "Decode"
}
],
"defaultStatus": "unaffected"
}
]Related
github
github
Panic when parsing invalid palette-color images in golang.org/x/image
2024-06-26 19:26:38
cvelist
cvelist
wolfi
wolfi
CVE-2024-24792 vulnerabilities
2024-06-28 15:21:31
debiancve
debiancve
CVE-2024-24792
2024-06-27 18:15:13
osv
osv
Panic when parsing invalid palette-color images in golang.org/x/image
2024-06-26 19:26:38
Panic when parsing invalid palette-color images in golang.org/x/image
2024-06-25 22:06:09
nvd
nvd
CVE-2024-24792
2024-06-27 18:15:13