Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 23 results


CVE-2024-52533

Medium priority

Some fixes available 6 of 7

gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.

1 affected packages

glib2.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
glib2.0 Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2024-34397

Medium priority

Some fixes available 5 of 8

An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of...

1 affected packages

glib2.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
glib2.0 Fixed Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2023-32665

Medium priority
Fixed

A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.

1 affected packages

glib2.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
glib2.0 Fixed Fixed Fixed Fixed
Show less packages

CVE-2023-32643

Medium priority
Fixed

A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors...

1 affected packages

glib2.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
glib2.0 Fixed Fixed Fixed Fixed
Show less packages

CVE-2023-32636

Medium priority
Fixed

A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This...

1 affected packages

glib2.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
glib2.0 Fixed Fixed Fixed Fixed
Show less packages

CVE-2023-32611

Medium priority
Fixed

A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service.

1 affected packages

glib2.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
glib2.0 Fixed Fixed Fixed Fixed
Show less packages

CVE-2023-29499

Medium priority
Fixed

A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service.

1 affected packages

glib2.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
glib2.0 Fixed Fixed Fixed Fixed
Show less packages

CVE-2019-25085

Medium priority
Not affected

A vulnerability was found in GNOME gvdb. It has been classified as critical. This affects the function gvdb_table_write_contents_async of the file gvdb-builder.c. The manipulation leads to use after free. It is possible to...

2 affected packages

epiphany-browser, glib2.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
epiphany-browser Not affected Not affected Not affected Not affected
glib2.0 Not affected Not affected Not affected Not affected
Show less packages

CVE-2021-3800

Medium priority
Fixed

A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition.

1 affected packages

glib2.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
glib2.0 Not affected Fixed Fixed
Show less packages

CVE-2021-28153

Medium priority

Some fixes available 4 of 5

An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an...

1 affected packages

glib2.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
glib2.0 Not affected Not affected Fixed Fixed Fixed
Show less packages