CVE-2025-3360

Опубликовано: 07 апр. 2025

Источник: debian

EPSS Низкий

Описание

A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
glib2.0	fixed	2.84.1-1		package
glib2.0	fixed	2.74.6-2+deb12u6	bookworm	package

Примечания

https://gitlab.gnome.org/GNOME/glib/-/issues/3647
https://gitlab.gnome.org/GNOME/glib/-/commit/8d60d7dc168aee73a15eb5edeb2deaf196d96114 (2.83.4)
https://gitlab.gnome.org/GNOME/glib/-/commit/2fa1e183613bf58d31151ecaceab91607ccc0c6d (2.83.4)
https://gitlab.gnome.org/GNOME/glib/-/commit/0b225e7cd80801aca6e627696064d1698aaa85e7 (2.83.4)
https://gitlab.gnome.org/GNOME/glib/-/commit/3672764a17c26341ab8224dcaddf3e7cad699443 (2.83.4)
https://gitlab.gnome.org/GNOME/glib/-/commit/0ffdbebd9ab3246958e14ab33bd0c65b6f05fd13 (2.83.4)
Introduced by https://gitlab.gnome.org/GNOME/glib/-/commit/491f835c17d200ede52c823ab1566c493479cdc1 (2.55.0)

EPSS

Процентиль: 29%

0.00102

Низкий

Связанные уязвимости

CVE-2025-3360

CVSS3: 3.7

ubuntu

5 месяцев назад

A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.

CVE-2025-3360

CVSS3: 3.7

redhat

5 месяцев назад

A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.

CVE-2025-3360

CVSS3: 3.7

nvd

5 месяцев назад

A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.

CVE-2025-3360

CVSS3: 3.7

msrc

около 1 месяца назад

Описание отсутствует

SUSE-SU-2025:1367-1

suse-cvrf

4 месяца назад

Security update for glib2

EPSS

Процентиль: 29%

0.00102

Низкий