From 10bd990a176969d0fa8f46831a7a99a49a035042 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat, 19 Sep 2020 13:46:26 +0200
Subject: Add CVE-2020-24750

---
 data/CVE/list | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/data/CVE/list b/data/CVE/list
index 6341c5212f..e37c3722dd 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2198,7 +2198,11 @@ CVE-2020-24752
 CVE-2020-24751
 	RESERVED
 CVE-2020-24750 (FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interact ...)
-	TODO: check
+	- jackson-databind <unfixed>
+	[buster] - jackson-databind <no-dsa> (Minor issue)
+	NOTE: https://github.com/FasterXML/jackson-databind/issues/2798
+	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
+	NOTE: but still an issue when Default Typing is enabled.
 CVE-2020-24749
 	RESERVED
 CVE-2020-24748
-- 
cgit v1.2.3