The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.
History

Thu, 07 Nov 2024 17:15:00 +0000

Type Values Removed Values Added
First Time appeared Golang
Golang go
CPEs cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*
Vendors & Products Golang
Golang go
Metrics cvssV3_1

{'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}


Thu, 31 Oct 2024 02:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:openshift_data_foundation:4.17::el9

Wed, 16 Oct 2024 15:15:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:run_once_duration_override_operator:1.2::el9

Tue, 15 Oct 2024 02:30:00 +0000

Type Values Removed Values Added
First Time appeared Redhat cluster Observability Operator
CPEs cpe:/a:redhat:cluster_observability_operator:0.4::el8
Vendors & Products Redhat cluster Observability Operator

Tue, 01 Oct 2024 15:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:openshift:4.17::el9

Fri, 06 Sep 2024 14:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat openshift Builds
CPEs cpe:/a:redhat:openshift_builds:1.1::el9
Vendors & Products Redhat openshift Builds

cve-icon MITRE

Status: PUBLISHED

Assigner: Go

Published: 2024-03-05T22:22:35.299Z

Updated: 2024-11-07T16:23:32.865Z

Reserved: 2024-01-30T16:05:14.757Z

Link: CVE-2024-24786

cve-icon Vulnrichment

Updated: 2024-08-01T23:28:12.790Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-03-05T23:15:07.820

Modified: 2024-11-07T17:35:15.080

Link: CVE-2024-24786

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-03-05T00:00:00Z

Links: CVE-2024-24786 - Bugzilla