CVE-2024-24792
Published: 27 June 2024
Parsing a corrupt or malicious image with invalid color indices can cause a panic.
Priority
Status
Package | Release | Status |
---|---|---|
golang-golang-x-image
Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
focal |
Needs triage
|
|
jammy |
Needs triage
|
|
mantic |
Ignored
(end of life, was needs-triage)
|
|
noble |
Needs triage
|
|
upstream |
Needs triage
|
References
- https://www.cve.org/CVERecord?id=CVE-2024-24792
- https://github.com/advisories/GHSA-9phm-fm57-rhg8
- https://github.com/golang/go/issues/67624
- https://go-review.googlesource.com/c/image/+/588115
- https://go.dev/cl/588115
- https://go.dev/issue/67624
- https://pkg.go.dev/vuln/GO-2024-2937
- NVD
- Launchpad
- Debian