Lucene search
K

14 matches found

RedHat Linux
RedHat Linux
added 2025/12/18 1:35 a.m.6 views

python: Improper validation of IPv6 and IPvFuture addresses

A flaw was found in Python. The urllib.parse.urlsplit and urlparse functions improperly validated bracketed hosts , allowing hosts that weren't IPv6 or IPvFuture compliant. This behavior was not conformant to RFC 3986 and was potentially vulnerable to server-side request forgery SSRF if a URL is...

6.3CVSS7.3AI score0.0067EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2024/07/16 12:0 a.m.17 views

EulerOS 2.0 SP9 : golang (EulerOS-SA-2024-1961)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward...

7.5CVSS7.7AI score0.91969EPSS
Exploits1References4
OSV
OSV
added 2024/04/12 11:7 a.m.4 views

OESA-2024-1432 golang security update

The Go Programming Language. Security Fixes: The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different...

7.5CVSS7AI score0.01042EPSS
Exploits0References2
Veracode
Veracode
added 2024/03/17 5:30 p.m.24 views

Interpretation Differences

net/mail in GO is vulnerable to Interpretation Differences. The vulnerability is due to the ParseAddressList function incorrectly handling comments text within parentheses inside display names. The parser handles the display names different then conforming address parsers, which could result in...

7.5CVSS6.5AI score0.01042EPSS
Exploits0References8Affected Software2
OSV
OSV
added 2024/03/12 8:24 a.m.20 views

BIT-GOLANG-2024-24784 Comments in display names are incorrectly handled in net/mail

The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers...

7.5CVSS6.9AI score0.01042EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2024/03/06 4:33 a.m.4 views

SUSE CVE-2024-24784

The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers...

7.5CVSS7.2AI score0.01042EPSS
Exploits0References12
NVD
NVD
added 2024/03/05 11:15 p.m.30 views

CVE-2024-24784

The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers...

7.5CVSS7.5AI score0.01042EPSS
Exploits0References6
OSV
OSV
added 2024/03/05 11:15 p.m.6 views

AZL-37519 CVE-2024-24784 affecting package golang for versions less than 1.21.6-1

The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers...

7.5CVSS6.7AI score0.01042EPSS
Exploits0References1
OSV
OSV
added 2024/03/05 11:15 p.m.6 views

CVE-2024-24784

The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers...

7.9AI score
Exploits0References6
CVE
CVE
added 2024/03/05 10:22 p.m.354 views

CVE-2024-24784

The CVE-2024-24784 issue affects Go’s net/mail component (ParseAddressList) where comments in display names are incorrectly handled, causing mismatched trust decisions across parsers. The connected Astra Linux and Red Hat/AlmaLinux advisories confirm this vulnerability and tie it to golang/net/ma...

7.5CVSS7.5AI score0.01042EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/03/05 10:22 p.m.28 views

CVE-2024-24784 Comments in display names are incorrectly handled in net/mail

The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers...

7.1AI score0.01042EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2024/03/05 10:22 p.m.25 views

CVE-2024-24784

The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers...

7.5CVSS7.1AI score0.01042EPSS
Exploits0
OSV
OSV
added 2024/03/05 10:15 p.m.19 views

GO-2024-2609 Comments in display names are incorrectly handled in net/mail

The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers...

7.5CVSS6.9AI score0.01042EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2024/03/05 12:0 a.m.42 views

go -- multiple vulnerabilities

The Go project reports reports: crypto/x509: Verify panics on certificates with an unknown public key algorithm Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. net/http: memory exhaustion in...

7.5CVSS6.7AI score0.01165EPSS
Exploits0References1
Rows per page
Query Builder