VDB

GCVE-VVD-MAGEIA-2021-162

GCVE-VVD-MAGEIA-2021-162
Advisory Published
Vulnetix · Advisory published July 27, 2021
An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is attacker-controlled. (If the path is a symlink to a file that already exists, then the contents of that file correctly remain unchanged.) (CVE-2021-28153)
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiaglib2.00 (affected), 2.66.8-1.mga8 (unaffected), 0 (affected), 2.66.8-1.mga8 (unaffected)
Mageiamingw-glib20 (affected), 2.66.8-1.mga8 (unaffected), 0 (affected), 2.66.8-1.mga8 (unaffected)
Mageiaglm0 (affected), 0.9.9.8-1.mga8 (unaffected)

References

Updated glib2.0 packages fix security vulnerability
advisory
Updated glib2.0 packages fix security vulnerability
issue
Updated glib2.0 packages fix security vulnerability
issue
Updated glm packages to new version.
advisory
Updated glm packages to new version.
issue
Updated glm packages to new version.
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›