CVE-2024-52531

Risk Scores

Affected Products

Exploit Intelligence

• https://offsec.almond.consulting/using-aflplusplus-on-bug-bounty-programs-an-example-with-gnome-libsoup.html (nist-nvd)
• CIRCL seen: CVE-2024-52531 (circl-sighting)
• CIRCL seen: CVE-2024-52531 (circl-sighting)
• https://lists.debian.org/debian-lts-announce/2024/12/msg00014.html (circl)
• https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home (circl)
• https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407 (circl)
• https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407#note_2316401 (circl)

Timeline

• Nov 11, 2024 CVE Published
• Nov 11, 2024 Coalition ESS Score
• Nov 11, 2024 PoC Published
• Nov 11, 2024 PoC Published
• Nov 12, 2024 EPSS Score
• Nov 12, 2024 Coalition ESS Score
• Nov 12, 2024 Coalition ESS Score
• Nov 13, 2024 Coalition ESS Score
• Nov 30, 2024 EPSS Score
• Dec 18, 2024 EPSS Score
• Jan 5, 2025 EPSS Score
• Jan 23, 2025 EPSS Score

References

• ALAS2-2024-2705: libsoup (important) advisory