QwikSec

Security Database

CVE

CWE

Training

CVE-2020-35457

Published: Dec 14, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in g_option_group_add_entries. NOTE: the vendor's position is "Realistically this is not a security issue. The standard pattern is for callers to provide a static list of option entries in a fixed number of calls to g_option_group_add_entries()." The researcher states that this pattern is undocumented

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://gitlab.gnome.org/GNOME/glib/-/commit/63c5b62f0a984fac9a9700b12f54fe878e016a5d

x_refsource_MISC

https://gitlab.gnome.org/GNOME/glib/-/issues/2197

x_refsource_MISC

https://gitlab.gnome.org/GNOME/glib/-/releases/2.65.3

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2020-35457 - Security Vulnerability | QwikSec