Glib

glib

Vendor: Gnome • 26 CVEs

CVEs (26)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-9633 1Gnome 1Glib Nov 21, 2024 Mar 8, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 gio/gsocketclient.c in GNOME GLib 2.59.2 does not ensure that a parent GTask remains alive during the execution of a connection-attempting enumeration, which allows remote attackers to cause a denial of service (g_socket...Show more gio/gsocketclient.c in GNOME GLib 2.59.2 does not ensure that a parent GTask remains alive during the execution of a connection-attempting enumeration, which allows remote attackers to cause a denial of service (g_socket_client_connected_callback mishandling and application crash) via a crafted web site, as demonstrated by GNOME Web (aka Epiphany).Show less
CVE-2018-16429 2Canonical Gnome 2Glib Ubuntu Linux Nov 21, 2024 Sep 4, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str().
CVE-2018-16428 2Canonical Gnome 2Glib Ubuntu Linux Nov 21, 2024 Sep 4, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.
CVE-2012-0039 1Gnome 1Glib Apr 29, 2026 Jan 14, 2012 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 GLib 2.31.8 and earlier, when the g_str_hash function is used, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of se...Show more GLib 2.31.8 and earlier, when the g_str_hash function is used, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. NOTE: this issue may be disputed by the vendor; the existence of the g_str_hash function is not a vulnerability in the library, because callers of g_hash_table_new and g_hash_table_new_full can specify an arbitrary hash function that is appropriate for the application.Show less
CVE-2009-3289 3Gnome OpensuseSuse 3Glib OpensuseSuse Linux Enterprise Server Apr 23, 2026 Sep 22, 2009 N/A· v4 7.8 HIGH· v3 4.4 MEDIUM· v2 The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Naut...Show more The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory.Show less
CVE-2008-4316 1Gnome 1Glib Apr 23, 2026 Mar 14, 2009 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Multiple integer overflows in glib/gbase64.c in GLib before 2.20 allow context-dependent attackers to execute arbitrary code via a long string that is converted either (1) from or (2) to a base64 representation.

Previous 12