Vulnerability Report: GO-2024-2454
- CVE-2024-21664, GHSA-pvcr-v8j8-j5q3
- Affects: github.com/lestrrat-go/jwx, github.com/lestrrat-go/jwx/v2
- Published: Jan 23, 2024
- Modified: May 20, 2024
Panic due to nil pointer dereference in github.com/lestrrat-go/jwx/v2
For detailed information about this vulnerability, visit https://nvd.nist.gov/vuln/detail/CVE-2024-21664.
Affected Packages
-
PathGo VersionsSymbols
-
from v1.0.8 before v1.2.28
-
before v2.0.19
Aliases
References
- https://nvd.nist.gov/vuln/detail/CVE-2024-21664
- https://github.com/lestrrat-go/jwx/commit/0e8802ce6842625845d651456493e7c87625601f
- https://github.com/lestrrat-go/jwx/commit/d69a721931a5c48b9850a42404f18e143704adcd
- https://vuln.go.dev/ID/GO-2024-2454.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.