Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2020-35457
HistoryDec 14, 2020 - 11:15 p.m.

CVE-2020-35457

2020-12-1423:15:12
CWE-787
CWE-190
mitre
web.nvd.nist.gov
87
2
cve-2020-35457
gnome
glib
integer overflow
out-of-bounds write
security issue
nvd
vulnerability

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

34.4%

JSON

GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in g_option_group_add_entries. NOTE: the vendor’s position is “Realistically this is not a security issue. The standard pattern is for callers to provide a static list of option entries in a fixed number of calls to g_option_group_add_entries().” The researcher states that this pattern is undocumented

Affected configurations

Nvd
Node
gnomeglibRange<2.65.3
VendorProductVersionCPE
gnomeglib*cpe:2.3:a:gnome:glib:*:*:*:*:*:*:*:*

Social References

More

Related

gitlab 1
nessus 19
openvas 12
ubuntucve 1
photon 12
nvd 1
cbl_mariner 2
prion 1
cvelist 1
alpinelinux 1
debiancve 1
amazon 2
gitlab
gitlab
Integer Overflow or Wraparound
2020-12-14 00:00:00
nessus
nessus
EulerOS 2.0 SP5 : glib2 (EulerOS-SA-2021-2329)
2021-09-07 00:00:00
EulerOS Virtualization for ARM 64 3.0.6.0 : glib2 (EulerOS-SA-2021-1571)
2021-03-04 00:00:00
EulerOS 2.0 SP3 : glib2 (EulerOS-SA-2021-2580)
2021-10-25 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for glib2 (EulerOS-SA-2021-1141)
2021-02-02 00:00:00
Huawei EulerOS: Security Advisory for glib2 (EulerOS-SA-2021-1571)
2021-03-05 00:00:00
Huawei EulerOS: Security Advisory for glib2 (EulerOS-SA-2021-1023)
2021-01-08 00:00:00
ubuntucve
ubuntucve
CVE-2020-35457
2020-12-14 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0351
2021-01-05 00:00:00
Important Photon OS Security Update - PHSA-2021-0181
2021-01-04 00:00:00
Important Photon OS Security Update - PHSA-2021-0351
2021-01-05 00:00:00
nvd
nvd
CVE-2020-35457
2020-12-14 23:15:12
cbl_mariner
cbl_mariner
CVE-2020-35457 affecting package glib for versions less than 2.60.1-5
2022-04-09 06:51:45
CVE-2020-35457 affecting package glib 2.58.0-10
2021-01-11 21:49:38
prion
prion
Integer overflow
2020-12-14 23:15:00
cvelist
cvelist
CVE-2020-35457
2020-12-14 22:25:09
alpinelinux
alpinelinux
CVE-2020-35457
2020-12-14 23:15:00
debiancve
debiancve
CVE-2020-35457
2020-12-14 23:15:12
amazon
amazon
Important: glib2
2024-04-11 01:07:00
Important: glib2
2024-04-11 01:43:00

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

34.4%

JSON
Related for CVE-2020-35457
gitlab1nessus19openvas12ubuntucve1photon12nvd1cbl_mariner2prion1cvelist1alpinelinux1debiancve1amazon2