CVE-2024-58249 Affecting wxwidgets3.2 package, versions <3.2.7+dfsg-1

Q: How to fix?

Upgrade Debian:unstable wxwidgets3.2 to version 3.2.7+dfsg-1 or higher.

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk IDSNYK-DEBIANUNSTABLE-WXWIDGETS32-9748581
published18 Apr 2025
disclosed16 Apr 2025

Report a new vulnerability Found a mistake?

Introduced: 16 Apr 2025

NewCVE-2024-58249 (opens in a new tab)

How to fix?

Upgrade Debian:unstable wxwidgets3.2 to version 3.2.7+dfsg-1 or higher.

NVD Description

Note: Versions mentioned in the description apply only to the upstream wxwidgets3.2 package and not the wxwidgets3.2 package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

In wxWidgets before 3.2.7, a crash can be triggered in wxWidgets apps when connections are refused in wxWebRequestCURL.

References

https://security-tracker.debian.org/tracker/CVE-2024-58249
https://github.com/wxWidgets/wxWidgets/commit/f2918a9ac823074901ce27de939baa57788beb3d
https://github.com/wxWidgets/wxWidgets/compare/v3.2.6...v3.2.7
https://github.com/wxWidgets/wxWidgets/issues/24885