VulnerableCode Package Details - pkg:deb/debian/glib2.0@2.74.6-2%2Bdeb12u6

Search for packages

Vulnerability	Summary	Fixed by
VCID-qaja-aa9k-1yeb Aliases: CVE-2025-4373	A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.	2.78.4-1 Affected by 0 other vulnerabilities. 2.84.2-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-qaja-aa9k-1yeb
Aliases:
CVE-2025-4373

A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.

2.78.4-1
Affected by 0 other vulnerabilities.

2.84.2-1
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
VCID-9kc1-n2r4-z3d4	glibc: GLib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid ISO 8601 timestamp with g_date_time_new_from_iso8601().	CVE-2025-3360
VCID-rbuu-36tt-g7ab	glib: glib crash after long command line	CVE-2025-4056
VCID-yznb-jwt4-43h8	gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.	CVE-2024-52533

Vulnerability

Summary

Aliases

VCID-9kc1-n2r4-z3d4

glibc: GLib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid ISO 8601 timestamp with g_date_time_new_from_iso8601().

CVE-2025-3360

VCID-rbuu-36tt-g7ab

glib: glib crash after long command line

CVE-2025-4056

VCID-yznb-jwt4-43h8

gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.

CVE-2024-52533

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-22T10:56:28.731470+00:00	Debian Importer	Fixing	VCID-rbuu-36tt-g7ab	https://security-tracker.debian.org/tracker/data/json	36.1.3
2025-06-21T12:09:36.376813+00:00	Debian Importer	Affected by	VCID-qaja-aa9k-1yeb	https://security-tracker.debian.org/tracker/data/json	36.1.3
2025-06-21T04:30:22.669484+00:00	Debian Importer	Fixing	VCID-9kc1-n2r4-z3d4	https://security-tracker.debian.org/tracker/data/json	36.1.3
2025-06-02T10:28:50.213108+00:00	Debian Importer	Fixing	VCID-yznb-jwt4-43h8	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-06-01T01:22:14.335355+00:00	Debian Importer	Affected by	VCID-qaja-aa9k-1yeb	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-05-03T08:51:37.765345+00:00	Debian Importer	Fixing	VCID-rbuu-36tt-g7ab	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-22T08:46:14.788509+00:00	Debian Importer	Fixing	VCID-9kc1-n2r4-z3d4	https://security-tracker.debian.org/tracker/data/json	36.0.0