NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2024-25713

Summary	yyjson through 0.8.0 has a double free, leading to remote code execution in some cases, because the pool_free function lacks loop checks. (pool_free is part of the pool series allocator, along with pool_malloc and pool_realloc.)
Publication Date	Feb. 29, 2024, 10:44 a.m.
Registration Date	Feb. 29, 2024, 4 p.m.
Last Update	April 20, 2024, 8:15 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/ibireme/yyjson/security/advisories/GHSA-q4m7-9pcm-fpxh
2	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NNICQVIF7BRYFWYRL3HPVAJIPXN4OVTX/
3	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6KQ67T4R7QEWURW5NMCCVLTBASL4ECHE/
4	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TKQPEREDUDKGYJMFNFDQVYCVLWDRO2Y2/

Common Vulnerabilities List