Lucene search
GoogleOSV:CVE-2024-24790HistoryJun 05, 2024 - 4:15 p.m.
CVE-2024-24790
2024-06-0516:15:10
Google
osv.dev
1
ipv4-mapped
is methods
ipv6
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.5
Confidence
High
EPSS
0.001
Percentile
26.9%
The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.
Related
osv
osv
CGA-4rxx-69w2-r84m
2024-07-15 21:52:33
CGA-3fhf-jv24-6cf9
2024-06-07 09:04:06
CGA-595p-4f64-5vqq
2024-06-07 20:04:20
nessus
nessus
Amazon Linux 2 : runc (ALASDOCKER-2024-043)
2024-08-29 00:00:00
Amazon Linux 2023 : runc (ALAS2023-2024-710)
2024-09-09 00:00:00
cbl_mariner
cbl_mariner
CVE-2024-24790 affecting package golang for versions less than 1.21.11-1
2024-09-28 16:03:15
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.5
Confidence
High
EPSS
0.001
Percentile
26.9%
Related for OSV:CVE-2024-24790