CVE-2021-3800

Published: Aug 23, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition.

Vendor	Product	Versions
n/a	Glib	affected `Fixed in glib2 2.63.6`

Weaknesses (CWE)

CWE-200

References

https://bugzilla.redhat.com/show_bug.cgi?id=1938284

https://access.redhat.com/security/cve/CVE-2021-3800

https://www.openwall.com/lists/oss-security/2017/06/23/8

https://gitlab.gnome.org/GNOME/glib/-/commit/3529bb4450a51995

[debian-lts-announce] 20220915 [SECURITY] [DLA 3110-1] glib2.0 security update

mailing-list

https://security.netapp.com/advisory/ntap-20221028-0004/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-3800

Description

Affected Products

Weaknesses (CWE)

References