vulnerability
CentOS Linux: CVE-2024-24786: Moderate: rhc-worker-script security and enhancement update (CESA-2024:1874)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Mar 5, 2024 | Apr 19, 2024 | Feb 18, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Mar 5, 2024
Added
Apr 19, 2024
Modified
Feb 18, 2025
Description
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.
Solution
centos-upgrade-rhc-worker-script
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.