VulnerableCode Package Details - pkg:deb/ubuntu/glib2.0@2.64.6-1~ubuntu20.04.3

Search for packages

Package details: pkg:deb/ubuntu/glib2.0@2.64.6-1~ubuntu20.04.3

Essentials
History (0)

purl	pkg:deb/ubuntu/glib2.0@2.64.6-1~ubuntu20.04.3

Next non-vulnerable version	2.64.6-1~ubuntu20.04.4
Latest non-vulnerable version	2.64.6-1~ubuntu20.04.4
Risk	3.4

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-dh4p-ygqy-aaak Aliases: CVE-2021-3800	CVE-2021-3800 glib2: Possible privilege escalation thourgh pkexec and aliases	2.64.6-1~ubuntu20.04.4 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-38zg-dgk4-aaac	An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is attacker-controlled. (If the path is a symlink to a file that already exists, then the contents of that file correctly remain unchanged.)	CVE-2021-28153

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version