Debian Golang-Google-Protobuf vulnerabilities

CVE-2024-24786 [HIGH] CVE-2024-24786: golang-google-protobuf - The protojson.Unmarshal function can enter an infinite loop when unmarshaling ce... The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set. Scope: local bookworm: open bullseye: open forky: resolved (fixed in 1.33.0-1) sid:

CVE-2023-24535 [HIGH] CVE-2023-24535: golang-google-protobuf - Parsing invalid messages can panic. Parsing a text-format message which contains... Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input will cause a panic. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved