VDB
ALPINE-CVE-2019-12450
ALPINE-CVE-2019-12450
PUBLISHED
CVSS 9.800000190734863 CRITICAL
file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.
Risk Scores
CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.16 | glib | 2.20.3-r0, 2.18.3-r0, 0 |
| Alpine:v3.13 | glib | 0, 0, 2.18.3-r0 |
| Alpine:v3.12 | glib | 2.36.0-r0, 0, 2.58.1-r3 |
| Alpine:v3.8 | glib | 0, 2.18.3-r0, 2.18.4-r0 |
| Alpine:v3.15 | glib | 2.18.3-r0, 0, 2.58.1-r3 |
| Alpine:v3.11 | glib | 0, 0, 2.18.3-r0 |
| Alpine:v3.20 | glib | 2.36.1-r0, 2.18.3-r0, 2.20.4-r0 |
| Alpine:v3.17 | glib | 2.44.1-r1, 2.44.1-r0, 2.44.0-r1 |
| Alpine:v3.18 | glib | 2.40.0-r1, 0, 2.18.3-r0 |
| Alpine:v3.22 | glib | 2.32.1-r1, 2.32.4-r0, 2.34.0-r0 |
| Alpine:v3.7 | glib | 2.46.0-r0, 2.18.3-r0, 2.18.4-r0 |
| Alpine:v3.9 | glib | 0, 2.18.3-r0, 2.18.4-r0 |
| Alpine:v3.14 | glib | 2.20.0-r0, 0, 2.58.1-r3 |
| Alpine:v3.23 | glib | 2.18.4-r0, 2.20.0-r0, 2.20.3-r0 |
| Alpine:v3.24 | glib | 0 |
| Alpine:v3.21 | glib | 2.50.2-r1, 2.20.0-r0, 2.18.3-r0 |
| Alpine:v3.19 | glib | 2.58.1-r3, 0, 2.18.3-r0 |
| Alpine:v3.10 | glib | 2.58.1-r3, 2.18.3-r0, 2.18.4-r0 |
Timeline
- May 29, 2019 CVE Published
- Apr 30, 2026 Distribution Patch
- Jun 9, 2026 CVE Updated