VDB
DEBIAN-CVE-2025-7039
DEBIAN-CVE-2025-7039
PUBLISHED
CVSS 3.700000047683716 LOW
A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to manipulate file paths and access unauthorized data. The core issue stems from insufficient validation of file path lengths during temporary file operations.
Risk Scores
CVSS 3.1
3.700000047683716
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | glib2.0 | 0, 2.66.8-1, 2.66.8-1+deb11u6 |
| Debian:14 | glib2.0 | 0, 2.84.3-1, 0 |
| Debian:13 | glib2.0 | 2.84.3-1, 2.84.3-1, 2.84.4-1 |
| Debian:12 | glib2.0 | 2.74.6-2, 2.74.6-2, 2.74.6-2 |
Timeline
- Sep 3, 2025 CVE Published
- Apr 28, 2026 CVE Updated