glib2-static (AlmaLinux:8) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:8 package glib2-static, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (17)
CVE-2024-52533 — CVSS 9.8 (critical): gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not…
CVE-2020-13543 — CVSS 8.8 (high): A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a…
CVE-2020-13584 — CVSS 8.8 (high): An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a…
CVE-2020-9983 — CVSS 8.8 (high): An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari 14.0. Processing maliciously…
CVE-2020-9948 — CVSS 8.8 (high): A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0. Processing maliciously crafted web…
CVE-2020-9951 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0. Processing maliciously crafted…
CVE-2025-13601 — CVSS 7.7 (high): A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string()…
CVE-2019-13012 — CVSS 7.5 (high): The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents…
CVE-2021-27218 — CVSS 7.5 (high): An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or…
CVE-2021-27219 — CVSS 7.5 (high): An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit…
CVE-2019-14822 — CVSS 7.1 (high): A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus…
CVE-2025-14512 — CVSS 6.5 (medium): A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's…
CVE-2025-14087 — CVSS 5.6 (medium): A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service…
CVE-2021-3800 — CVSS 5.5 (medium): A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users…
CVE-2021-28153 — CVSS 5.3 (medium): An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path…
CVE-2024-34397 — CVSS 5.2 (medium): An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals…
CVE-2025-4373 — CVSS 4.8 (medium): A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which…