Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:32994
HistoryNov 17, 2021 - 10:36 p.m.

Privilege Escalation

2021-11-1722:36:12
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

JSON

glib2 is vulnerable to privilege escalation. The vulnerability exists due to the use of random charset alias and lack of sanitization of the authorization, leaking content from files owned by privileged users to unprivileged ones under the right condition.

Related

nessus 16
openvas 8
ubuntu 1
osv 5
cbl_mariner 1
cve 1
gitlab 1
redhatcve 1
amazon 2
debiancve 1
cloudlinux 1
cloudfoundry 1
debian 1
prion 1
ubuntucve 1
broadcom 1
rocky 1
redhat 20
photon 4
oraclelinux 1
almalinux 1
ibm 1
nessus
nessus
EulerOS Virtualization 3.0.2.0 : glib2 (EulerOS-SA-2023-1701)
2023-05-07 00:00:00
EulerOS Virtualization 3.0.6.0 : glib2 (EulerOS-SA-2023-2220)
2023-06-12 00:00:00
Amazon Linux 2 : glib2 (ALAS-2023-2058)
2023-06-05 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5189-1)
2021-12-14 00:00:00
Huawei EulerOS: Security Advisory for glib2 (EulerOS-SA-2023-2220)
2023-06-12 00:00:00
Huawei EulerOS: Security Advisory for glib2 (EulerOS-SA-2023-2410)
2023-07-25 00:00:00
ubuntu
ubuntu
GLib vulnerability
2021-12-13 00:00:00
osv
osv
CVE-2021-3800
2022-08-23 16:15:09
glib2.0 - security update
2022-09-15 00:00:00
A security issue was fixed in GLib
2021-12-13 19:48:07
cbl_mariner
cbl_mariner
CVE-2021-3800 affecting package glib 2.58.0-9
2022-12-27 17:55:47
cve
cve
CVE-2021-3800
2022-08-23 16:15:00
gitlab
gitlab
Files or Directories Accessible to External Parties
2022-08-23 00:00:00
redhatcve
redhatcve
CVE-2021-3800
2021-10-05 18:00:54
amazon
amazon
Medium: glib2
2023-05-25 17:41:00
Important: glib2
2023-04-27 16:19:00
debiancve
debiancve
CVE-2021-3800
2022-08-23 16:15:00
cloudlinux
cloudlinux
Fix of CVE: CVE-2021-3800
2022-01-13 14:29:56
cloudfoundry
cloudfoundry
USN-5189-1: GLib vulnerability | Cloud Foundry
2022-01-20 00:00:00
debian
debian
[SECURITY] [DLA 3110-1] glib2.0 security update
2022-09-15 12:57:02
prion
prion
Design/Logic Flaw
2022-08-23 16:15:00
ubuntucve
ubuntucve
CVE-2021-3800
2021-11-02 00:00:00
broadcom
broadcom
Flaw in glib could leak content from files owned by priviledged users to unprivilged ones.
2023-08-01 00:00:00
rocky
rocky
glib2 security and bug fix update
2021-11-09 09:16:02
redhat
redhat
(RHSA-2021:4385) Moderate: glib2 security and bug fix update
2021-11-09 09:16:02
(RHSA-2022:0434) Moderate: Release of OpenShift Serverless 1.20.0
2022-02-03 17:07:25
(RHSA-2021:4032) Low: Openshift Logging 5.2.3 bug fix and security update
2021-11-17 03:27:52
photon
photon
Critical Photon OS Security Update - PHSA-2022-0300
2022-12-16 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0300
2022-12-16 00:00:00
Important Photon OS Security Update - PHSA-2022-3.0-0449
2022-09-09 00:00:00
oraclelinux
oraclelinux
glib2 security and bug fix update
2021-11-16 00:00:00
almalinux
almalinux
Moderate: glib2 security and bug fix update
2021-11-09 09:16:02
ibm
ibm
Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities
2023-01-19 13:54:16

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

JSON
Related for VERACODE:32994
nessus16openvas8ubuntu1osv5cbl_mariner1cve1gitlab1redhatcve1amazon2debiancve1cloudlinux1cloudfoundry1debian1prion1ubuntucve1broadcom1rocky1redhat20photon4oraclelinux1almalinux1ibm1