DEBIAN-CVE-2024-24784

DEBIAN-CVE-2024-24784 PUBLISHED CVSS 7.5 HIGH

The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers.

Risk Scores

CVSS 3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected Products

Vendor	Product	Versions
Debian:11	golang-1.15	0, 1.15.15-1, 1.15.15-1~deb11u1
Debian:12	golang-1.19	1.19.13-1, 1.19.8-2, 1.19.10-1

Timeline

Mar 5, 2024 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2024-24784 advisory

Open in Interactive Console →