Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-24784HistoryMar 05, 2024 - 11:15 p.m.
CVE-2024-24784
2024-03-0523:15:07
Debian Security Bug Tracker
security-tracker.debian.org
8
parseaddresslist
misalignment
address parsers
trust decisions
cve-2024-24784
unix
The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 10 | all | golang-1.11 | <= 1.11.6-1+deb10u4 | golang-1.11_1.11.6-1+deb10u4_all.deb |
| Debian | 11 | all | golang-1.15 | <= 1.15.15-1~deb11u4 | golang-1.15_1.15.15-1~deb11u4_all.deb |
| Debian | 12 | all | golang-1.19 | <= 1.19.8-2 | golang-1.19_1.19.8-2_all.deb |
| Debian | 999 | all | golang-1.21 | < 1.21.8-1 | golang-1.21_1.21.8-1_all.deb |
| Debian | 13 | all | golang-1.21 | < 1.21.8-1 | golang-1.21_1.21.8-1_all.deb |
| Debian | 999 | all | golang-1.22 | < 1.22.1-1 | golang-1.22_1.22.1-1_all.deb |
| Debian | 13 | all | golang-1.22 | < 1.22.1-1 | golang-1.22_1.22.1-1_all.deb |
Related
prion
prion
Design/Logic Flaw
2024-03-05 23:15:00
osv
osv
BIT-golang-2024-24784
2024-03-12 08:24:22
Comments in display names are incorrectly handled in net/mail
2024-03-05 22:15:04
Important: golang security update
2024-05-10 14:32:42
cve
cve
CVE-2024-24784
2024-03-05 23:15:07
cvelist
cvelist
Comments in display names are incorrectly handled in net/mail
2024-03-05 22:22:32
alpinelinux
alpinelinux
CVE-2024-24784
2024-03-05 23:15:07
ubuntucve
ubuntucve
CVE-2024-24784
2024-03-05 00:00:00
cbl_mariner
cbl_mariner
CVE-2024-24784 affecting package golang for versions less than 1.21.6-1
2024-05-13 09:07:00
cgr
cgr
CVE-2024-24784 vulnerabilities
2024-05-14 15:38:38
redhatcve
redhatcve
CVE-2024-24784
2024-03-06 03:33:31
wolfi
wolfi
CVE-2024-24784 vulnerabilities
2024-05-14 15:59:14
nessus
nessus
Golang < 1.21.8, 1.22.x < 1.22.1 Multiple Vulnerabilities
2024-03-07 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:0811-1)
2024-03-11 00:00:00
openSUSE: Security Advisory for go1.22 (SUSE-SU-2024:0812-1)
2024-03-25 00:00:00
freebsd
freebsd
go -- multiple vulnerabilities
2024-03-05 00:00:00
redhat
redhat
(RHSA-2024:2562) Important: golang security update
2024-04-30 11:38:52
rocky
rocky
golang security update
2024-05-10 14:32:42
oraclelinux
oraclelinux
golang security update
2024-05-07 00:00:00
almalinux
almalinux
Important: golang security update
2024-04-30 00:00:00