Vulnerabilities > Gnome > Glib > High

DATE CVE VULNERABILITY TITLE RISK
2023-09-14 CVE-2023-29499 Resource Exhaustion vulnerability in Gnome Glib
A flaw was found in GLib.
network
low complexity
gnome CWE-400
7.5
2023-09-14 CVE-2023-32636 Deserialization of Untrusted Data vulnerability in Gnome Glib
A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499.
network
low complexity
gnome CWE-502
7.5
2023-09-14 CVE-2023-32643 Out-of-bounds Write vulnerability in Gnome Glib
A flaw was found in GLib.
local
low complexity
gnome CWE-787
7.8
2021-02-15 CVE-2021-27219 Incorrect Conversion between Numeric Types vulnerability in multiple products
An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3.
network
low complexity
gnome fedoraproject debian netapp broadcom CWE-681
7.5
2021-02-15 CVE-2021-27218 Incorrect Conversion between Numeric Types vulnerability in multiple products
An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4.
network
low complexity
gnome fedoraproject debian netapp broadcom CWE-681
7.5
2020-12-14 CVE-2020-35457 Integer Overflow or Wraparound vulnerability in Gnome Glib
GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in g_option_group_add_entries.
local
low complexity
gnome CWE-190
7.8
2019-06-28 CVE-2019-13012 Incorrect Permission Assignment for Critical Resource vulnerability in Gnome Glib
The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir, NULL, NULL) and files using g_file_replace_contents (kfsb->file, contents, length, NULL, FALSE, G_FILE_CREATE_REPLACE_DESTINATION, NULL, NULL, NULL).
network
low complexity
gnome CWE-732
7.5
2018-09-04 CVE-2018-16429 Out-of-bounds Read vulnerability in multiple products
GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str().
network
low complexity
gnome canonical CWE-125
7.5
2009-09-22 CVE-2009-3289 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory.
local
low complexity
gnome opensuse suse CWE-732
7.8