The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2024/06/04/1 | Mailing List Third Party Advisory |
https://go.dev/cl/590316 | Patch |
https://go.dev/issue/67680 | Issue Tracking |
https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ | Release Notes |
https://pkg.go.dev/vuln/GO-2024-2887 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Go
Published: 2024-06-05T15:13:50.527Z
Updated: 2024-06-05T15:13:50.527Z
Reserved: 2024-01-30T16:05:14.758Z
Link: CVE-2024-24790
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-06-05T16:15:10.560
Modified: 2024-06-18T17:59:12.547
Link: CVE-2024-24790
JSON object: View
Redhat Information
No data.
CWE