Nixpkgs security tracker
Untriaged
Permalink
CVE-2025-3360
3.7 LOW
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): HIGH
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): LOW
Glibc: glib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid iso 8601 timestamp with g_date_time_new_from_iso8601().
A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.
References
Affected products
glib
- <2.82.5
bootc
glib2
loupe
librsvg2
mingw-glib2
glycin-loaders
Matching in nixpkgs
pkgs.bootc
Boot and upgrade via container images
pkgs.mlxbf-bootctl
Control BlueField boot partitions
pkgs.rubyPackages.glib2
None
-
nixos-unstable glib2-4.2.1
- nixos-unstable-small glib2-4.2.1
pkgs.rubyPackages_3_1.glib2
None
-
nixos-unstable glib2-4.2.1
- nixpkgs-unstable glib2-4.2.1
- nixos-unstable-small glib2-4.2.1
pkgs.rubyPackages_3_2.glib2
None
-
nixos-unstable glib2-4.2.1
- nixpkgs-unstable glib2-4.2.1
- nixos-unstable-small glib2-4.2.1
pkgs.rubyPackages_3_3.glib2
None
-
nixos-unstable glib2-4.2.1
- nixpkgs-unstable glib2-4.2.1
- nixos-unstable-small glib2-4.2.1
pkgs.rubyPackages_3_4.glib2
None
-
nixos-unstable glib2-4.2.1
- nixpkgs-unstable glib2-4.2.1
- nixos-unstable-small glib2-4.2.1
Package maintainers
-
@Thesola10 Karim Vergnes <me@thesola.io>
-
@nikstur nikstur <nikstur@outlook.com>