VulnerableCode Package Details - pkg:deb/debian/glib2.0@2.74.6-2%2Bdeb12u6

Search for packages

Vulnerability	Summary	Fixed by
VCID-7s4u-q3s2-nqbu Aliases: CVE-2025-7039		2.74.6-2+deb12u7 Affected by 0 other vulnerabilities. 2.78.4-1 Affected by 0 other vulnerabilities. 2.84.4-1 Affected by 0 other vulnerabilities. 2.84.4-2 Affected by 0 other vulnerabilities. 2.84.4-3~deb13u1 Affected by 0 other vulnerabilities.
VCID-g6d8-tvac-dfdu Aliases: CVE-2025-4373	A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.	2.74.6-2+deb12u7 Affected by 0 other vulnerabilities. 2.78.4-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-7s4u-q3s2-nqbu
Aliases:
CVE-2025-7039

2.74.6-2+deb12u7
Affected by 0 other vulnerabilities.

2.78.4-1
Affected by 0 other vulnerabilities.

2.84.4-1
Affected by 0 other vulnerabilities.

2.84.4-2
Affected by 0 other vulnerabilities.

2.84.4-3~deb13u1
Affected by 0 other vulnerabilities.

VCID-g6d8-tvac-dfdu
Aliases:
CVE-2025-4373

A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.

2.74.6-2+deb12u7
Affected by 0 other vulnerabilities.

2.78.4-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-22x7-k4s1-uugm	A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.	CVE-2025-3360
VCID-nk6q-zvpa-y3gf	gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.	CVE-2024-52533

Vulnerability

Summary

Aliases

VCID-22x7-k4s1-uugm

A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.

CVE-2025-3360

VCID-nk6q-zvpa-y3gf

gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.

CVE-2024-52533

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-11T12:52:17.084259+00:00	Debian Importer	Affected by	VCID-7s4u-q3s2-nqbu	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-08-01T19:56:12.649533+00:00	Debian Oval Importer	Fixing	VCID-22x7-k4s1-uugm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:36:29.300107+00:00	Debian Oval Importer	Fixing	VCID-nk6q-zvpa-y3gf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:24:24.135294+00:00	Debian Importer	Affected by	VCID-g6d8-tvac-dfdu	https://security-tracker.debian.org/tracker/data/json	37.0.0