Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Untriaged

Permalink CVE-2025-60018

created 2 months, 3 weeks ago

Glib-networking: out of bound reads on glib-networking through tls/openssl/gtlscertificate-openssl.c via "g_tls_certificate_openssl_get_property()"

glib-networking's OpenSSL backend fails to properly check the return value of a call to BIO_write(), resulting in an out of bounds read.

Affected products

glib-networking

<2.80.2

Matching in nixpkgs

pkgs.glib-networking

Network-related giomodules for glib

nixos-unstable 2.80.1
- nixpkgs-unstable 2.80.1
- nixos-unstable-small 2.80.1
nixos-25.05 2.80.1
- nixos-25.05-small 2.80.1
- nixpkgs-25.05-darwin 2.80.1

Package maintainers

@jtojnar Jan Tojnar <jtojnar@gmail.com>
@bobby285271 Bobby Rong <rjl931189261@126.com>
@hedning Tor Hedin Brønner <torhedinbronner@gmail.com>
@dasj19 Daniel Șerbănescu <daniel@serbanescu.dk>