Search CVE reports


Toggle filters

1 – 10 of 44 results


CVE-2026-58016

Medium priority
Needs evaluation

A flaw was found in GLib. A state confusion issue exists in g_dbus_node_info_new_for_xml() in the gio/gdbusintrospection.c file when processing malformed D-Bus introspection XML, specifically with a <node> element nested within...

1 affected package

glib2.0

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
glib2.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-58015

Medium priority
Needs evaluation

A flaw was found in GLib. The D-Bus client-side implementation of the DBUS_COOKIE_SHA1 SASL authentication mechanism does not validate the cookie_context parameter received from the server. A malicious D-Bus server can supply a...

1 affected package

glib2.0

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
glib2.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-58014

Medium priority
Needs evaluation

A flaw was found in GLib. An off-by-one error can occur in the g_key_file_get_locale_string_list function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or...

1 affected package

glib2.0

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
glib2.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-58013

Medium priority
Needs evaluation

A flaw was found in GLib. A buffer over-read can occur in g_io_channel_read_line_backend() in the giochannel.c file when a custom line terminator with a length greater than one is set, causing memcmp to read past the GString...

1 affected package

glib2.0

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
glib2.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-58012

Medium priority
Needs evaluation

A flaw was found in GLib. A buffer over-read can occur in the g_regex_replace function when used with the `G_REGEX_RAW` compile flag and case-change replacement escapes because the string_append function processes matched...

1 affected package

glib2.0

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
glib2.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-58011

Medium priority
Needs evaluation

A flaw was found in GLib. An out-of-bounds read of only 2 bytes can occur in the g_date_time_get_ymd function in the glib/gdatetime.c file when an invalid GDateTime object produced by the g_date_time_add_full function...

1 affected package

glib2.0

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
glib2.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-58010

Medium priority
Needs evaluation

A flaw was found in GLib. An off-by-one error can occur in the gvs_tuple_is_normal function in the glib/gvariant-serialiser.c file when doing an alignment padding check because the bounds check uses > instead of >=, causing an...

1 affected package

glib2.0

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
glib2.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-1489

Medium priority

Some fixes available 4 of 8

A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker...

1 affected package

glib2.0

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
glib2.0 Fixed Fixed Fixed Vulnerable Vulnerable
Show less packages

CVE-2026-1485

Medium priority

Some fixes available 4 of 8

A flaw was found in Glib's content type parsing logic. This buffer underflow vulnerability occurs because the length of a header line is stored in a signed integer, which can lead to integer wraparound for very large inputs. This...

1 affected package

glib2.0

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
glib2.0 Fixed Fixed Fixed Vulnerable Vulnerable
Show less packages

CVE-2026-1484

Medium priority

Some fixes available 4 of 8

A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory...

1 affected package

glib2.0

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
glib2.0 Fixed Fixed Fixed Vulnerable Vulnerable
Show less packages