[Git][security-tracker-team/security-tracker][master] mark CVE-2023-50472 as not-affected for Buster
Thorsten Alteholz (@alteholz)
alteholz at debian.org
Sat Dec 30 15:57:14 GMT 2023
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c295bb8b by Thorsten Alteholz at 2023-12-30T16:56:49+01:00
mark CVE-2023-50472 as not-affected for Buster
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2842,6 +2842,7 @@ CVE-2023-50563 (Semcms v4.8 was discovered to contain a SQL injection vulnerabil
NOT-FOR-US: Semcms
CVE-2023-50472 (cJSON v1.7.16 was discovered to contain a segmentation violation via t ...)
- cjson 1.7.17-1 (unimportant; bug #1059287)
+ [buster] - cjson <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/DaveGamble/cJSON/issues/803
NOTE: Fixed by: https://github.com/DaveGamble/cJSON/commit/60ff122ef5862d04b39b150541459e7f5e35add8
NOTE: Seems bogus, this isn't a DoS but only a broken use of an API
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c295bb8b96a40d74418953a073635baf22c856e2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c295bb8b96a40d74418953a073635baf22c856e2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231230/b90a4961/attachment.htm>
More information about the debian-security-tracker-commits
mailing list