Published: 05/03/2024 Updated: 01/05/2024

The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.

Debian Bug report logs - #1065684 golang-google-protobuf: CVE-2024-24786 Package: src:golang-google-protobuf; Maintainer for src:golang-google-protobuf is Debian Go Packaging Team <team+pkg-go@trackerdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 8 Mar 2024 21:27:02 UTC Severity: impo ...

oss-sec mailing list archives   By Date By Thread </form>    5 CVEs fixed in Go 1221 and Go 1218, 1 CVE fixed in googlegolangorg/protobuf  <!--X-Head-of-M ...

Learning how to deploy a simple 3 nodes (1 server and 2 agents) k3s cluster with rancher ui installed through a docker-compose.

Rancher/k3s cluster in docker containers Learning how to deploy a simple 3 nodes (1 server and 2 agents) k3s cluster with rancher ui installed through a docker-compose Environment It's possible to define env variables in a env file at the same level of the docker compose file ENV: K3S_VERSION: official rancher/k3s image version (default latest) K3S_URL: server url K3S_

https://go.dev/cl/569356 https://pkg.go.dev/vuln/GO-2024-2611 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/http://www.openwall.com/lists/oss-security/2024/03/08/4 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065684 https://nvd.nist.gov https://github.com/DanielePeruzzi97/rancher-k3s-docker

CVE-2024-24786

Vulnerability Summary

Vendor Advisories

Mailing Lists

Github Repositories

References

Vulmon Search

About

Products

Connect