rpm package
suse/glib2&distro=SUSE Linux Enterprise Micro 5.1
pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Micro%205.1
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-4373 | Med | 4.8 | < 2.62.6-150200.3.30.1 | 2.62.6-150200.3.30.1 | May 6, 2025 | A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite. | |
| CVE-2025-3360 | Low | 3.7 | < 2.62.6-150200.3.27.1 | 2.62.6-150200.3.27.1 | Apr 7, 2025 | A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function. | |
| CVE-2024-52533 | — | < 2.62.6-150200.3.24.1 | 2.62.6-150200.3.24.1 | Nov 11, 2024 | gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character. | ||
| CVE-2024-34397 | Med | 5.2 | < 2.62.6-150200.3.18.1 | 2.62.6-150200.3.18.1 | May 7, 2024 | An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals tha | |
| CVE-2021-28153 | — | < 2.62.6-150200.3.10.1 | 2.62.6-150200.3.10.1 | Mar 11, 2021 | An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security re |
- affected < 2.62.6-150200.3.30.1fixed 2.62.6-150200.3.30.1
A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.
- affected < 2.62.6-150200.3.27.1fixed 2.62.6-150200.3.27.1
A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.
- CVE-2024-52533Nov 11, 2024affected < 2.62.6-150200.3.24.1fixed 2.62.6-150200.3.24.1
gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.
- affected < 2.62.6-150200.3.18.1fixed 2.62.6-150200.3.18.1
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals tha
- CVE-2021-28153Mar 11, 2021affected < 2.62.6-150200.3.10.1fixed 2.62.6-150200.3.10.1
An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security re