Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2024-25713

Опубликовано: 29 фев. 2024
Источник: debian
EPSS Низкий

Описание

yyjson through 0.8.0 has a double free, leading to remote code execution in some cases, because the pool_free function lacks loop checks. (pool_free is part of the pool series allocator, along with pool_malloc and pool_realloc.)

Пакеты

ПакетСтатусВерсия исправленияРелизТип
yyjsonnot-affectedpackage

Примечания

  • https://github.com/ibireme/yyjson/security/advisories/GHSA-q4m7-9pcm-fpxh

EPSS

Процентиль: 86%
0.03059
Низкий

Связанные уязвимости

nvd логотип

CVE-2024-25713

CVSS3: 8.6
nvd
почти 2 года назад

yyjson through 0.8.0 has a double free, leading to remote code execution in some cases, because the pool_free function lacks loop checks. (pool_free is part of the pool series allocator, along with pool_malloc and pool_realloc.)

github логотип

GHSA-whx6-m9j4-w2m2

CVSS3: 8.6
github
почти 2 года назад

yyjson has a Double Free vulnerability

EPSS

Процентиль: 86%
0.03059
Низкий