{"id":"CVE-2024-34156","details":"Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.","aliases":["BIT-golang-2024-34156","GO-2024-3106"],"modified":"2026-04-10T05:12:50.643057Z","published":"2024-09-06T21:15:12Z","related":["ALSA-2024:11216","ALSA-2024:11217","ALSA-2024:6908","ALSA-2024:6913","ALSA-2024:6946","ALSA-2024:6947","ALSA-2024:7135","ALSA-2024:7136","ALSA-2024:7204","ALSA-2024:7262","ALSA-2024:8038","ALSA-2024:8039","ALSA-2024:8110","ALSA-2024:8111","ALSA-2024:8112","ALSA-2024:9454","ALSA-2024:9456","ALSA-2024:9459","ALSA-2024:9472","ALSA-2024:9473","ALSA-2025:3773","CGA-r689-g8v8-3x7q","MGASA-2024-0376","SUSE-SU-2024:3196-1","SUSE-SU-2024:3197-1","SUSE-SU-2024:3213-1","SUSE-SU-2024:3214-1","SUSE-SU-2024:3453-1","SUSE-SU-2024:3454-1","SUSE-SU-2024:3455-1","SUSE-SU-2024:3456-1","SUSE-SU-2024:3457-1","SUSE-SU-2024:3458-1","SUSE-SU-2024:3459-1","SUSE-SU-2024:3772-1","SUSE-SU-2024:3773-1","SUSE-SU-2024:3809-1","SUSE-SU-2024:3937-1","SUSE-SU-2024:3938-1","openSUSE-SU-2024:14323-1","openSUSE-SU-2024:14324-1","openSUSE-SU-2024:14375-1","openSUSE-SU-2024:14520-1","openSUSE-SU-2025:0056-1","openSUSE-SU-2025:15505-1"],"references":[{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20240926-0004/"},{"type":"WEB","url":"https://go.dev/cl/611239"},{"type":"WEB","url":"https://go.dev/issue/69139"},{"type":"WEB","url":"https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"},{"type":"WEB","url":"https://pkg.go.dev/vuln/GO-2024-3106"}],"schema_version":"1.7.5"}