[Git][security-tracker-team/security-tracker][master] Add CVE-2024-57699/son-smart
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Feb 12 14:40:39 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d62460b9 by Salvatore Bonaccorso at 2025-02-12T15:40:15+01:00
Add CVE-2024-57699/son-smart
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1619,7 +1619,10 @@ CVE-2025-0799 (IBM App Connect enterprise12.0.1.0 through 12.0.12.10 and13.0.1.0
CVE-2025-0522 (The LikeBot WordPress plugin through 0.85 does not have CSRF check in ...)
NOT-FOR-US: WordPress plugin
CVE-2024-57699 (A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. ...)
- TODO: check
+ - json-smart <unfixed>
+ NOTE: https://github.com/TurtleLiu/Vul_PoC/tree/main/CVE-2024-57699
+ NOTE: https://github.com/netplex/json-smart-v2/pull/233
+ NOTE: Fixed by: https://github.com/netplex/json-smart-v2/commit/c21d8545e58b2ef2aa16094a09b13ff92adef15c (2.5.2)
CVE-2024-57598 (A floating point exception (divide-by-zero) vulnerability was discover ...)
NOT-FOR-US: Bento4
CVE-2024-57520 (Insecure Permissions vulnerability in asterisk v22 allows a remote att ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d62460b91632cad9d292260d42c4cb3ad24ce6f6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d62460b91632cad9d292260d42c4cb3ad24ce6f6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250212/7c7ca37f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list