Search for packages
| purl | pkg:deb/debian/glib2.0@2.42.1-1 |
| Next non-vulnerable version | 2.74.6-2+deb12u6 |
| Latest non-vulnerable version | 2.88.0-1 |
| Risk | 4.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-4em6-3x32-ybcv
Aliases: CVE-2023-32611 |
Uncontrolled Resource Consumption A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service. |
Affected by 11 other vulnerabilities. |
|
VCID-6xng-bfkg-jfa4
Aliases: CVE-2025-13601 |
glib: Integer overflow in in g_escape_uri_string() |
Affected by 0 other vulnerabilities. |
|
VCID-7ck1-vwbt-9qhd
Aliases: CVE-2020-6750 |
glib: Mishandling of proxy_addr field in GSocketClient may lead to proxy being ignored |
Affected by 16 other vulnerabilities. |
|
VCID-817e-zas3-6yf6
Aliases: CVE-2025-3360 |
glibc: GLib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid ISO 8601 timestamp with g_date_time_new_from_iso8601(). |
Affected by 0 other vulnerabilities. |
|
VCID-83s2-671n-zugn
Aliases: CVE-2019-12450 |
glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress |
Affected by 24 other vulnerabilities. |
|
VCID-a9dn-qcuy-f7cs
Aliases: CVE-2026-1489 |
Glib: GLib: Memory corruption via integer overflow in Unicode case conversion |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-bfyu-jryn-eyak
Aliases: CVE-2021-28153 |
Multiple vulnerabilities have been found in GLib, the worst of which could result in the arbitrary execution of code. |
Affected by 16 other vulnerabilities. |
|
VCID-ca52-wfc7-2ubd
Aliases: CVE-2021-27219 |
Multiple vulnerabilities have been found in GLib, the worst of which could result in the arbitrary execution of code. |
Affected by 16 other vulnerabilities. |
|
VCID-cgcb-brxv-mqef
Aliases: CVE-2025-4373 |
glib: Buffer Underflow on GLib through glib/gstring.c via function g_string_insert_unichar |
Affected by 0 other vulnerabilities. |
|
VCID-damf-qan2-byfh
Aliases: DSA-5682-2 glib2.0 |
regression update |
Affected by 11 other vulnerabilities. |
|
VCID-dsah-jpwg-yfez
Aliases: CVE-2024-52533 |
glib: buffer overflow in set_connect_msg() |
Affected by 0 other vulnerabilities. |
|
VCID-gchd-ewt9-17dk
Aliases: CVE-2026-0988 |
glib: GLib: Denial of Service via Integer Overflow in g_buffered_input_stream_peek() |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-gwaz-f5mw-j7cb
Aliases: CVE-2026-1485 |
Glib: Glib: Local denial of service via buffer underflow in content type parsing |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-h7kh-2qm2-1fgu
Aliases: CVE-2025-14087 |
glib: GLib: Buffer underflow in GVariant parser leads to heap corruption |
Affected by 0 other vulnerabilities. |
|
VCID-jkfs-7tug-5beu
Aliases: CVE-2018-16428 |
glib2: NULL pointer dereference in g_markup_parse_context_end_parse() function in gmarkup.c |
Affected by 24 other vulnerabilities. |
|
VCID-khtv-um6m-pkad
Aliases: CVE-2021-3800 |
glib2: Possible privilege escalation thourgh pkexec and aliases |
Affected by 16 other vulnerabilities. |
|
VCID-p6zn-nqaf-wfa7
Aliases: CVE-2019-13012 |
glib2: insecure permissions for files and directories |
Affected by 16 other vulnerabilities. |
|
VCID-r5t7-nkkv-skhg
Aliases: CVE-2024-34397 |
A vulnerability has been discovered in GLib, which can lead to privilege escalation. |
Affected by 11 other vulnerabilities. |
|
VCID-re78-z26g-ffen
Aliases: CVE-2025-7039 |
glib: Buffer Under-read on GLib through glib/gfileutils.c via get_tmp_file() |
Affected by 0 other vulnerabilities. |
|
VCID-syjs-4vtj-4bcb
Aliases: CVE-2021-27218 |
Multiple vulnerabilities have been found in GLib, the worst of which could result in the arbitrary execution of code. |
Affected by 16 other vulnerabilities. |
|
VCID-t8h7-hah9-bkaw
Aliases: CVE-2019-25085 |
gvdb: use after free issue was fixed in gvdb_table_write_contents_async() |
Affected by 16 other vulnerabilities. |
|
VCID-tmff-7vrs-sqfx
Aliases: CVE-2020-35457 |
GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in g_option_group_add_entries. NOTE: the vendor's position is "Realistically this is not a security issue. The standard pattern is for callers to provide a static list of option entries in a fixed number of calls to g_option_group_add_entries()." The researcher states that this pattern is undocumented |
Affected by 16 other vulnerabilities. |
|
VCID-tzt9-dtt8-bkfm
Aliases: CVE-2023-32665 |
Deserialization of Untrusted Data A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service. |
Affected by 11 other vulnerabilities. |
|
VCID-u5sb-ke8a-qkd2
Aliases: CVE-2026-1484 |
Glib: Integer Overflow Leading to Buffer Underflow and Out-of-Bounds Write in GLib g_base64_encode() |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-xq36-cxqj-h3hh
Aliases: CVE-2025-14512 |
glib: Integer Overflow in GLib GIO Attribute Escaping Causes Heap Buffer Overflow |
Affected by 0 other vulnerabilities. |
|
VCID-xzum-kd1h-nfdk
Aliases: CVE-2018-16429 |
glib2: Out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c |
Affected by 24 other vulnerabilities. |
|
VCID-z2v6-3j7r-vkaj
Aliases: CVE-2023-29499 |
Uncontrolled Resource Consumption A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service. |
Affected by 11 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||