CVE-2024-24792
Published: 27 June 2024
Parsing a corrupt or malicious image with invalid color indices can cause a panic.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
golang-golang-x-image
Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
| focal |
Needs triage
|
|
| jammy |
Needs triage
|
|
| mantic |
Ignored
(end of life, was needs-triage)
|
|
| noble |
Needs triage
|
|
| upstream |
Needs triage
|
References
- https://www.cve.org/CVERecord?id=CVE-2024-24792
- https://github.com/advisories/GHSA-9phm-fm57-rhg8
- https://github.com/golang/go/issues/67624
- https://go-review.googlesource.com/c/image/+/588115
- https://go.dev/cl/588115
- https://go.dev/issue/67624
- https://pkg.go.dev/vuln/GO-2024-2937
- NVD
- Launchpad
- Debian