Vulnerability CVE-2024-24784


Published: 2024-03-05   Modified: 2024-03-06

Description:
The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers.

 References:
https://go.dev/issue/65083
https://go.dev/cl/555596
https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg
https://pkg.go.dev/vuln/GO-2024-2609

Copyright 2026, cxsecurity.com

 

Back to Top