Vulnerability CVE-2024-25713
Published: 2024-02-29

Description:
yyjson through 0.8.0 has a double free, leading to remote code execution in some cases, because the pool_free function lacks loop checks. (pool_free is part of the pool series allocator, along with pool_malloc and pool_realloc.)

 References:
https://github.com/ibireme/yyjson/security/advisories/GHSA-q4m7-9pcm-fpxh
Copyright 2026, cxsecurity.com

 

Back to Top