CVE-2023-24535
Severity CVSS v4.0:
Pending analysis
Type:
CWE-125
Out-of-bounds Read
Publication date:
08/06/2023
Last modified:
06/01/2025
Description
Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input will cause a panic.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:protobuf:protobuf:1.29.0:*:*:*:*:go:*:* |
To consult the complete list of CPE names with products and versions, see this page



