30 matches found
CLSA-2026-1777541282 glib2: Fix of 2 CVEs
CVE-2023-29499: fix GVariant offset table entry size which is not checked in isnormal. - CVE-2023-32636: remediate GVariant deserialisation timeout regression introduced by the CVE-2023-29499 fix. - Backported upstream MR 3126 22 commits from centos8.5els...
Siemens SIMATIC S7-1500 Uncontrolled Resource Consumption (CVE-2023-32636)
A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect gli...
Security Bulletin: There is a vulnerability in Findings in glib2 library affecting watsonx Code Assistant On Prem Extensions
Summary There is a vulnerablity in the Findings in glib2 library affecting watsonx Code Assistant On Prem Extensions. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-32636 DESCRIPTION: GNOME GLib is vulnerable to a denial of service,...
Security Bulletin: IBM DataStage on Cloud Pak for Data is vulnerable to denial of service due to GNOME GLib (CVE-2023-32636)
Summary GNOME GLib is used by IBM DataStage on Cloud Pak for Data as part of the data handling functionality. Vulnerability Details CVEID:CVE-2023-32636 DESCRIPTION: GNOME GLib is vulnerable to a denial of service, caused by a flaw in the fuzzvarianttext function. By sending a specially crafted...
Linux Distros Unpatched Vulnerability : CVE-2023-32636
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolv...
Amazon Linux 2 : glib2 (ALAS-2025-2767)
The version of glib2 installed on the remote host is prior to 2.56.1-9. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2767 advisory. GLib's GVariant deserialization prior to GLib 2.74.4 failed to validate the input conforms to the expected format, leading ...
CBL Mariner 2.0 Security Update: glib (CVE-2023-32636)
The version of glib installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-32636 advisory. - A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service...
CVE-2023-32636 affecting package glib for versions less than 2.71.0-4
CVE-2023-32636 affecting package glib for versions less than 2.71.0-4. A patched version of the package is available...
RHEL 7 : glib (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - glib: gfilereplace with GFILECREATEREPLACEDESTINATION creates empty target for dangling symlink...
RHEL 6 : glib (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - glib: gfilereplace with GFILECREATEREPLACEDESTINATION creates empty target for dangling symlink...
Oracle Linux 9 : mingw-glib2 (ELSA-2024-2528)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2528 advisory. - Fix CVEs: CVE-2023-32636, CVE-2023-29499, CVE-2023-32611, CVE-2023-32665, DoS Tenable has extracted the preceding description block directly from the...
ALSA-2024:2528 Low: mingw-glib2 security update
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: GVariant offset table...
RHEL 9 : mingw-glib2 (RHSA-2024:2528)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2528 advisory. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in...
Low: mingw-glib2 security update
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: GVariant offset table...
Ubuntu: Security Advisory (USN-6165-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 ESM / 18.04 ESM : GLib vulnerabilities (USN-6165-2)
The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6165-2 advisory. USN-6165-1 fixed vulnerabilities in GLib. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu...
Huawei EulerOS: Security Advisory for glib2 (EulerOS-SA-2023-2982)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-32636
creationtimestamp| type| source ---|---|--- 2023-09-15 00:24:49+00:00| seen| https://t.me/cibsecurity/70562...
CVE-2023-32636
GLib: CVE-2023-32636 describes a DoS in GVariant deserialization caused by slow offset table validation; the description notes that no released GLib version is affected, but distributors who backported the CVE-29499 fix may be impacted. Connected advisories (including Broadcom/ALAS and AlmaLinux)...
CVE-2023-32636
A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect gli...