CVE-2025-60018

Опубликовано: 25 сент. 2025

Источник: debian

EPSS Низкий

Описание

glib-networking's OpenSSL backend fails to properly check the return value of a call to BIO_write(), resulting in an out of bounds read.

Пакет	Статус	Версия исправления	Релиз	Тип
glib-networking	unfixed			package

https://gitlab.gnome.org/GNOME/glib-networking/-/issues/226
https://gitlab.gnome.org/GNOME/glib-networking/-/merge_requests/262
Fixed by: https://gitlab.gnome.org/GNOME/glib-networking/-/commit/4dd540505d40babe488404f3174ec39f49a84485
OpenSSL backend disabled by default upstream and in Debian

EPSS

Процентиль: 22%

0.00071

Низкий

CVE-2025-60018

CVSS3: 4.8

ubuntu

4 месяца назад

glib-networking's OpenSSL backend fails to properly check the return value of a call to BIO_write(), resulting in an out of bounds read.

CVE-2025-60018

CVSS3: 4.8

nvd

4 месяца назад

glib-networking's OpenSSL backend fails to properly check the return value of a call to BIO_write(), resulting in an out of bounds read.

CVE-2025-60018

msrc

4 месяца назад

Glib-networking: out of bound reads on glib-networking through tls/openssl/gtlscertificate-openssl.c via "g_tls_certificate_openssl_get_property()"

GHSA-3jwx-4xp9-65px

CVSS3: 4.8

github

4 месяца назад

glib-networking's OpenSSL backend fails to properly check the return value of a call to BIO_write(), resulting in an out of bounds read.

BDU:2025-13732

CVSS3: 4.8

fstec

7 месяцев назад

Уязвимость функции BIO_write() библиотеки OpenSSL, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 22%

0.00071

Низкий