rpm package
suse/glib2&distro=SUSE OpenStack Cloud 7
pkg:rpm/suse/glib2&distro=SUSE%20OpenStack%20Cloud%207
Vulnerabilities (6)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-27219 | — | < 2.48.2-12.22.1 | 2.48.2-12.22.1 | Feb 15, 2021 | An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption. | ||
| CVE-2021-27218 | — | < 2.48.2-12.22.1 | 2.48.2-12.22.1 | Feb 15, 2021 | An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation. | ||
| CVE-2019-13012 | — | < 2.48.2-12.15.1 | 2.48.2-12.15.1 | Jun 28, 2019 | The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir, NULL, NULL) and files using g_file_replace_contents (kfsb->file, contents, length, NULL, FALSE, G_FILE_CREATE_REPLACE_DESTINATION, NULL, | ||
| CVE-2019-12450 | — | < 2.48.2-12.12.2 | 2.48.2-12.12.2 | May 29, 2019 | file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used. | ||
| CVE-2018-16429 | — | < 2.48.2-12.12.2 | 2.48.2-12.12.2 | Sep 4, 2018 | GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str(). | ||
| CVE-2018-16428 | — | < 2.48.2-12.12.2 | 2.48.2-12.12.2 | Sep 4, 2018 | In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference. |
- CVE-2021-27219Feb 15, 2021affected < 2.48.2-12.22.1fixed 2.48.2-12.22.1
An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption.
- CVE-2021-27218Feb 15, 2021affected < 2.48.2-12.22.1fixed 2.48.2-12.22.1
An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation.
- CVE-2019-13012Jun 28, 2019affected < 2.48.2-12.15.1fixed 2.48.2-12.15.1
The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir, NULL, NULL) and files using g_file_replace_contents (kfsb->file, contents, length, NULL, FALSE, G_FILE_CREATE_REPLACE_DESTINATION, NULL,
- CVE-2019-12450May 29, 2019affected < 2.48.2-12.12.2fixed 2.48.2-12.12.2
file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.
- CVE-2018-16429Sep 4, 2018affected < 2.48.2-12.12.2fixed 2.48.2-12.12.2
GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str().
- CVE-2018-16428Sep 4, 2018affected < 2.48.2-12.12.2fixed 2.48.2-12.12.2
In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.