VDB

ALPINE-CVE-2019-12450

ALPINE-CVE-2019-12450 PUBLISHED CVSS 9.800000190734863 CRITICAL

file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.

Risk Scores

CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Alpine:v3.16glib2.20.3-r0, 2.18.3-r0, 0
Alpine:v3.13glib0, 0, 2.18.3-r0
Alpine:v3.12glib2.36.0-r0, 0, 2.58.1-r3
Alpine:v3.8glib0, 2.18.3-r0, 2.18.4-r0
Alpine:v3.15glib2.18.3-r0, 0, 2.58.1-r3
Alpine:v3.11glib0, 0, 2.18.3-r0
Alpine:v3.20glib2.36.1-r0, 2.18.3-r0, 2.20.4-r0
Alpine:v3.17glib2.44.1-r1, 2.44.1-r0, 2.44.0-r1
Alpine:v3.18glib2.40.0-r1, 0, 2.18.3-r0
Alpine:v3.22glib2.32.1-r1, 2.32.4-r0, 2.34.0-r0
Alpine:v3.7glib2.46.0-r0, 2.18.3-r0, 2.18.4-r0
Alpine:v3.9glib0, 2.18.3-r0, 2.18.4-r0
Alpine:v3.14glib2.20.0-r0, 0, 2.58.1-r3
Alpine:v3.23glib2.18.4-r0, 2.20.0-r0, 2.20.3-r0
Alpine:v3.24glib0
Alpine:v3.21glib2.50.2-r1, 2.20.0-r0, 2.18.3-r0
Alpine:v3.19glib2.58.1-r3, 0, 2.18.3-r0
Alpine:v3.10glib2.58.1-r3, 2.18.3-r0, 2.18.4-r0

Timeline

  • May 29, 2019 CVE Published
  • Apr 30, 2026 Distribution Patch
  • Jun 9, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›