VDB
GCVE-VVD-MAGEIA-2025-35
GCVE-VVD-MAGEIA-2025-35
Advisory Published
Path traversal leading to arbitrary .ttf file write. (CVE-2024-12425)
URL fetching can be used to exfiltrate arbitrary INI file values and
environment variables. (CVE-2024-12426)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | python-browser-cookie3 | 0 (affected), 0.20.1-1.mga9 (unaffected) | — |
| Mageia | python-socksio | 0 (affected), 1.0.0-1.1.mga9 (unaffected) | — |
| Mageia | python-httpx | 0 (affected), 0.23.0-1.1.mga9 (unaffected) | — |
| Mageia | python-aiomcache | 0 (affected), 0.8.2-1.mga9 (unaffected) | — |
| Mageia | python-aiosqlite | 0 (affected), 0.20.0-1.mga9 (unaffected) | — |
| Mageia | python-aiocache | 0 (affected), 0.12.3-1.mga9 (unaffected) | — |
| Mageia | python-arsenic | 0 (affected), 21.8-1.mga9 (unaffected) | — |
| Mageia | python-maturin | 0 (affected), 1.2.3-1.mga9 (unaffected) | — |
| Mageia | python-mitmproxy-wireguard | 0 (affected), 0.1.23-1.mga9 (unaffected) | — |
| Mageia | python3-loguru | 0 (affected), 0.5.3-1.mga9 (unaffected) | — |
| Mageia | wapiti | 0 (affected), 3.1.4-1.mga9 (unaffected) | — |
| Mageia | libreoffice | 0 (affected), 24.2.7.2-1.mga9 (unaffected), 0 (affected), 24.2.7.2-1.mga9 (unaffected) | — |
References
Browse GCVE Records
100 records in the GCVE database · Updated April 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.