Untriaged
Permalink
CVE-2025-3360
3.7 LOW
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): HIGH
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): LOW
Glibc: glib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid iso 8601 timestamp with g_date_time_new_from_iso8601().
A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.
References
- https://access.redhat.com/security/cve/CVE-2025-3360 x_refsource_REDHAT vdb-entry
- RHBZ#2357754 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2025-3360 x_refsource_REDHAT vdb-entry
- RHBZ#2357754 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2025-3360 x_refsource_REDHAT vdb-entry
- RHBZ#2357754 issue-tracking x_refsource_REDHAT
- https://lists.debian.org/debian-lts-announce/2025/04/msg00024.html
- https://access.redhat.com/security/cve/CVE-2025-3360 x_refsource_REDHAT vdb-entry
- RHBZ#2357754 issue-tracking x_refsource_REDHAT
- https://lists.debian.org/debian-lts-announce/2025/04/msg00024.html
- https://access.redhat.com/security/cve/CVE-2025-3360 x_refsource_REDHAT vdb-entry
- RHBZ#2357754 issue-tracking x_refsource_REDHAT
- https://lists.debian.org/debian-lts-announce/2025/04/msg00024.html
- https://access.redhat.com/security/cve/CVE-2025-3360 x_refsource_REDHAT vdb-entry
- RHBZ#2357754 issue-tracking x_refsource_REDHAT
- https://lists.debian.org/debian-lts-announce/2025/04/msg00024.html
- https://access.redhat.com/security/cve/CVE-2025-3360 x_refsource_REDHAT vdb-entry
- RHBZ#2357754 issue-tracking x_refsource_REDHAT
- https://lists.debian.org/debian-lts-announce/2025/04/msg00024.html
- https://access.redhat.com/security/cve/CVE-2025-3360 x_refsource_REDHAT vdb-entry
- RHBZ#2357754 issue-tracking x_refsource_REDHAT
- https://lists.debian.org/debian-lts-announce/2025/04/msg00024.html
Affected products
glib
- <2.82.5
bootc
glib2
loupe
librsvg2
mingw-glib2
glycin-loaders
Matching in nixpkgs
pkgs.podman-bootc
Streamlining podman+bootc interactions
-
nixos-unstable -
- nixpkgs-unstable 0.1.2
pkgs.mlxbf-bootctl
Control BlueField boot partitions
-
nixos-unstable -
- nixpkgs-unstable 2025-01-16
pkgs.systemd-bootchart
Boot performance graphing tool from systemd
-
nixos-unstable -
- nixpkgs-unstable 235
pkgs.rubyPackages.glib2
None
-
nixos-unstable -
- nixpkgs-unstable glib2-4.3.3
pkgs.rubyPackages_3_1.glib2
None
-
nixos-unstable -
- nixpkgs-unstable glib2-4.3.3
pkgs.rubyPackages_3_2.glib2
None
-
nixos-unstable -
- nixpkgs-unstable glib2-4.3.3
pkgs.rubyPackages_3_3.glib2
None
-
nixos-unstable -
- nixpkgs-unstable glib2-4.3.3
pkgs.rubyPackages_3_4.glib2
None
-
nixos-unstable -
- nixpkgs-unstable glib2-4.3.3
Package maintainers
-
@Thesola10 Karim Vergnes <me@thesola.io>
-
@nikstur nikstur <nikstur@outlook.com>
-
@thillux Markus Theil <theil.markus@gmail.com>
-
@evan-goode Evan Goode <mail@evangoo.de>
-
@brianmcgillion Brian McGillion <bmg.avoin@gmail.com>