CVE-2024-24784

CVE-2024-24784

Name

CVE-2024-24784

Description

The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
security@golang.org	https://go.dev/cl/555596
security@golang.org	https://go.dev/issue/65083
security@golang.org	https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg
security@golang.org	https://pkg.go.dev/vuln/GO-2024-2609
security@golang.org	https://security.netapp.com/advisory/ntap-20240329-0007/
security@golang.org	http://www.openwall.com/lists/oss-security/2024/03/08/4

Type

URI

security@golang.org

https://go.dev/cl/555596

security@golang.org

https://go.dev/issue/65083

security@golang.org

https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg

security@golang.org

https://pkg.go.dev/vuln/GO-2024-2609

security@golang.org

https://security.netapp.com/advisory/ntap-20240329-0007/