Lucene search

K
alpinelinuxAlpine Linux Development TeamALPINE:CVE-2020-35457
HistoryDec 14, 2020 - 11:15 p.m.

CVE-2020-35457

2020-12-1423:15:00
Alpine Linux Development Team
security.alpinelinux.org
9

EPSS

0.001

Percentile

34.4%

DISPUTED GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in g_option_group_add_entries. NOTE: the vendor’s position is “Realistically this is not a security issue. The standard pattern is for callers to provide a static list of option entries in a fixed number of calls to g_option_group_add_entries().” The researcher states that this pattern is undocumented.

OSVersionArchitecturePackageVersionFilename
Alpine3.12-mainnoarchglib= 2.64.6-r0UNKNOWN
Alpine3.11-mainnoarchglib= 2.62.6-r0UNKNOWN
Alpine3.10-mainnoarchglib= 2.60.4-r0UNKNOWN