230 matches found
EUVD-2023-36908
Malicious code in bioql PyPI...
Gvariant deserialisation does not match spec for non-normal data
...
Alibaba Cloud Linux 3 : 0064: glib2 (ALINUX3-SA-2024:0064)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0064 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-29499: A flaw was found in GLib...
Amazon Linux 2 : glib2 (ALAS-2025-2767)
The version of glib2 installed on the remote host is prior to 2.56.1-9. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2767 advisory. GLib's GVariant deserialization prior to GLib 2.74.4 failed to validate the input conforms to the expected format, leading ...
A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.
...
Gvariant offset table entry size is not checked in is_normal()
...
A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665.
...
Important: glib2
Issue Overview: GLib's GVariant deserialization prior to GLib 2.74.4 failed to validate the input conforms to the expected format, leading to denial of service. CVE-2023-29499 GLib's GVariant deserialization prior to GLib 2.74.4 is vulnerable to a slowdown issue where a crafted GVariant can cause...
Important: glib2
Issue Overview: GLib's GVariant deserialization prior to GLib 2.74.4 failed to validate the input conforms to the expected format, leading to denial of service. CVE-2023-29499 GLib's GVariant deserialization prior to GLib 2.74.4 is vulnerable to a slowdown issue where a crafted GVariant can cause...
PT-2025-50314
Name of the Vulnerable Software and Affected Versions GLib versions affected versions not specified Description A flaw exists in GLib Gnome Lib that allows a remote attacker to cause heap corruption. This can lead to a denial of service or potential code execution through a buffer-underflow in th...
CLSA-2024-1722525083 glib2: Fix of 3 CVEs
CVE-2023-29499: Fix GVariant offset table entry size which is not checked in isnormal - CVE-2023-32611: Fix an issue where gvariantbyteswap can take a long time with some non-normal inputs - CVE-2023-32665: Fix GVariant deserialisation which does not match spec for non-normal data - Enable...
ROS-20240506-02
A vulnerability in the Glib library is related to GVariant deserialization. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability of Glib library function gbytearraynewtake is related to buffer copying without checking the the size of the input data...
glib: Timeout in fuzz_variant_text
A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect gli...
Low: Red Hat Security Advisory: mingw-glib2 security update
An update for mingw-glib2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
glib: GVariant deserialisation does not match spec for non-normal data
A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service...
glib: GVariant offset table entry size is not checked in is_normal()
A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service...
glib: g_variant_byteswap() can take a long time with some non-normal inputs
A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service...
RHEL 9 : mingw-glib2 (RHSA-2024:2528)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2528 advisory. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in...
GLSA-202311-18 : GLib: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202311-18 GLib: Multiple Vulnerabilities - A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service. CVE-2023-29499 - A flaw was found in GLi...
GLib: Multiple Vulnerabilities
Background GLib is a library providing a number of GNOME's core objects and functions. Description Multiple vulnerabilities have been discovered in GLib. Please review the referenced CVEs for details. Impact GVariant deserialization is vulnerable to an exponential blowup issue where a crafted...