rpm package
suse/glib2&distro=SUSE Linux Enterprise Server 12 SP4
pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-13012 | — | < 2.48.2-12.15.1 | 2.48.2-12.15.1 | Jun 28, 2019 | The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir, NULL, NULL) and files using g_file_replace_contents (kfsb->file, contents, length, NULL, FALSE, G_FILE_CREATE_REPLACE_DESTINATION, NULL, | ||
| CVE-2019-12450 | — | < 2.48.2-12.12.2 | 2.48.2-12.12.2 | May 29, 2019 | file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used. | ||
| CVE-2018-16429 | — | < 2.48.2-12.12.2 | 2.48.2-12.12.2 | Sep 4, 2018 | GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str(). | ||
| CVE-2018-16428 | — | < 2.48.2-12.12.2 | 2.48.2-12.12.2 | Sep 4, 2018 | In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference. |
- CVE-2019-13012Jun 28, 2019affected < 2.48.2-12.15.1fixed 2.48.2-12.15.1
The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir, NULL, NULL) and files using g_file_replace_contents (kfsb->file, contents, length, NULL, FALSE, G_FILE_CREATE_REPLACE_DESTINATION, NULL,
- CVE-2019-12450May 29, 2019affected < 2.48.2-12.12.2fixed 2.48.2-12.12.2
file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.
- CVE-2018-16429Sep 4, 2018affected < 2.48.2-12.12.2fixed 2.48.2-12.12.2
GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str().
- CVE-2018-16428Sep 4, 2018affected < 2.48.2-12.12.2fixed 2.48.2-12.12.2
In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.