64 matches found
CLSA-2026-1777541282 glib2: Fix of 2 CVEs
CVE-2023-29499: fix GVariant offset table entry size which is not checked in is_normal. - CVE-2023-32636: remediate GVariant deserialisation timeout regression introduced by the CVE-2023-29499 fix. - Backported upstream MR 3126 22 commits from centos8.5els...
MiracleLinux 9 : glib2-2.68.4-11.el9 (AXSA:2023-6826:03)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6826:03 advisory. glib: GVariant offset table entry size is not checked in is_normal CVE-2023-29499 glib: g_variant_byteswap can take a long time with some non-normal...
Siemens SIMATIC S7-1500 Uncontrolled Resource Consumption (CVE-2023-29499)
A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
EUVD-2023-36879
Malicious code in bioql PyPI...
CVE-2022-29499
The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code execution because of incorrect data validation. The Service Appliances are SA 100, SA 400, and Virtual SA...
Alibaba Cloud Linux 3 : 0064: glib2 (ALINUX3-SA-2024:0064)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0064 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-29499: A flaw was found in GLib...
Linux Distros Unpatched Vulnerability : CVE-2023-29499
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service. CVE-2023-2949...
Linux Distros Unpatched Vulnerability : CVE-2021-29499
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SIF is an open source implementation of the Singularity Container Image Format. The siftool new command and func siftool.New produce predictable UUID identifier...
Amazon Linux 2 : glib2 (ALAS-2025-2767)
The version of glib2 installed on the remote host is prior to 2.56.1-9. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2767 advisory. GLib's GVariant deserialization prior to GLib 2.74.4 failed to validate the input conforms to the expected format, leading ...
CBL Mariner 2.0 Security Update: glib (CVE-2023-29499)
The version of glib installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-29499 advisory. - A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected...
CVE-2023-29499 affecting package glib for versions less than 2.71.0-4
CVE-2023-29499 affecting package glib for versions less than 2.71.0-4. A patched version of the package is available...
RHEL 7 : glib (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - glib: g_file_replace with G_FILE_CREATE_REPLACE_DESTINATION creates empty target for dangling symlink...
RHEL 6 : glib (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - glib: g_file_replace with G_FILE_CREATE_REPLACE_DESTINATION creates empty target for dangling symlink...
Oracle Linux 9 : mingw-glib2 (ELSA-2024-2528)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2528 advisory. - Fix CVEs: CVE-2023-32636, CVE-2023-29499, CVE-2023-32611, CVE-2023-32665, DoS Tenable has extracted the preceding description block directly from the...
ALSA-2024:2528 Low: mingw-glib2 security update
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: GVariant offset table...
Low: mingw-glib2 security update
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: GVariant offset table...
RHEL 9 : mingw-glib2 (RHSA-2024:2528)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2528 advisory. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in...
CVE-2024-29499
Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via /anchor/admin/users/delete/2...
CVE-2024-29499
CVE-2024-29499 affects Anchor CMS v0.12.7 with a Cross-Site Request Forgery (CSRF) vulnerability at /anchor/admin/users/delete/2. The CVSS v3.1 base score is 7.4 (HIGH) with network attack vector, low attack complexity, requiring low privileges and user interaction set to none; scope: changed. Re...
CVE-2024-29499
Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via /anchor/admin/users/delete/2...