From 19ca2c468f1acd5d9d489b32985f03a8ba89c608 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 26 Apr 2024 15:49:16 +0200
Subject: Add CVE-2024-31755/cjson

---
 data/CVE/list | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/data/CVE/list b/data/CVE/list
index d7473bb994..c122fd0d41 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -73,7 +73,10 @@ CVE-2024-32406 (Server-Side Template Injection (SSTI) vulnerability in inducer r
 CVE-2024-32404 (Server-Side Template Injection (SSTI) vulnerability in inducer relate  ...)
 	TODO: check
 CVE-2024-31755 (cJSON v1.7.17 was discovered to contain a segmentation violation, whic ...)
-	TODO: check
+	- cjson <unfixed>
+	NOTE: https://github.com/DaveGamble/cJSON/issues/839
+	NOTE: https://github.com/DaveGamble/cJSON/pull/840
+	NOTE: https://github.com/DaveGamble/cJSON/commit/7e4d5dabe7a9b754c601f214e65b544e67ba9f59
 CVE-2024-31610 (File Upload vulnerability in the function for employees to upload avat ...)
 	NOT-FOR-US: Code-Projects Simple School Management System
 CVE-2024-31609 (Cross Site Scripting (XSS) vulnerability in BOSSCMS v3.10 allows attac ...)
-- 
cgit v1.2.3