7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
glib2 is vulnerable to privilege escalation. The vulnerability exists due to the use of random charset alias and lack of sanitization of the authorization, leaking content from files owned by privileged users to unprivileged ones under the right condition.
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/
access.redhat.com/errata/RHSA-2021:4385
access.redhat.com/security/cve/CVE-2021-3800
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1938284
gitlab.gnome.org/GNOME/glib/-/commit/3529bb4450a51995
lists.debian.org/debian-lts-announce/2022/09/msg00020.html
security.netapp.com/advisory/ntap-20221028-0004/
www.openwall.com/lists/oss-security/2017/06/23/8