Astra Linux - уязвимость в golang-1.19

The various “Is” methods IsPrivate, IsLoopback, etc. did not work as expected for IPv4-mapped IPv6 addresses. They returned false for addresses that would return true in their traditional IPv4 form...

The vulnerability of the `net-netip` component in the Golang programming language, related to improper access control, allows attackers to bypass existing access restrictions policies.

The vulnerability of the net-netip component in the Golang programming language is related to the incorrect operation of methods such as Is IsPrivate, IsLoopback, etc.. Exploiting this vulnerability can allow an attacker to circumvent existing access control policies...

AZL-42403 CVE-2024-24790 affecting package golang for versions less than 1.21.11-1

The various Is methods IsPrivate, IsLoopback, etc did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms...

AZL-79050 CVE-2024-24790 affecting package golang 1.25.7-1

The various Is methods IsPrivate, IsLoopback, etc did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms...

AZL-42409 CVE-2024-24790 affecting package golang for versions less than 1.18.8-4

The various Is methods IsPrivate, IsLoopback, etc did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms...

Improper Check for Unusual or Exceptional Conditions

Overview std/net/netip is a Go standard library package std/net/netip Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions. Go Vulnerability Report:The various Is methods IsPrivate, IsLoopback, etc did not work as expected for IPv4-mapped IPv6...