Lucene search
Veracode Vulnerability DatabaseVERACODE:47778HistoryJun 27, 2024 - 7:54 a.m.
Denial Of Service (DoS)
2024-06-2707:54:21
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
github
golang
image
dos
vulnerability
color indices
crash
exploit
software
6.5 Medium
AI Score
Confidence
High
github.com/golang/image is vulnerable to Denial of Service (DoS). The vulnerability is due to invalid color indices in a corrupt or crafted image. An attacker could exploit the lack of color index checks by providing an image with invalid color indices which triggers a crash.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/golang/image | le | v0.17.0 | |
| golang.org/x/image | le | v0.17.0 | |
| github.com/golang/image | le | v0.17.0 | |
| golang.org/x/image | le | v0.17.0 |
Related
cve
cve
CVE-2024-24792
2024-06-27 18:15:13
debiancve
debiancve
CVE-2024-24792
2024-06-27 18:15:13
osv
osv
Panic when parsing invalid palette-color images in golang.org/x/image
2024-06-26 19:26:38
CGA-ghrp-j9wv-h896
2024-06-28 13:19:28
Panic when parsing invalid palette-color images in golang.org/x/image
2024-06-25 22:06:09
cvelist
cvelist
github
github
Panic when parsing invalid palette-color images in golang.org/x/image
2024-06-26 19:26:38
wolfi
wolfi
CVE-2024-24792 vulnerabilities
2024-07-06 03:08:40
nvd
nvd
CVE-2024-24792
2024-06-27 18:15:13
ubuntucve
ubuntucve
CVE-2024-24792
2024-06-27 00:00:00