Lucene search
HistoryAug 23, 2022 - 4:15 p.m.
CVE-2021-3800
glib
pkexec
file leakage
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
31.6%
A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition.
Affected configurations
Node
gnomeglibRange<2.62.5
ORgnomeglibRange2.63.0–2.63.6
Node
debiandebian_linuxMatch10.0
Node
netappactive_iq_unified_managerMatch-vmware_vsphere
References
Related
openvas
openvas
Huawei EulerOS: Security Advisory for glib2 (EulerOS-SA-2023-2220)
2023-06-12 00:00:00
Huawei EulerOS: Security Advisory for glib2 (EulerOS-SA-2023-2410)
2023-07-25 00:00:00
Ubuntu: Security Advisory (USN-5189-1)
2021-12-14 00:00:00
ubuntu
ubuntu
GLib vulnerability
2021-12-13 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-3800 affecting package glib 2.58.0-9
2022-12-27 17:55:47
osv
osv
CVE-2021-3800
2022-08-23 16:15:09
glib2.0 - security update
2022-09-15 00:00:00
A security issue was fixed in GLib
2021-12-13 19:48:07
nessus
nessus
EulerOS Virtualization 3.0.6.0 : glib2 (EulerOS-SA-2023-2220)
2023-06-12 00:00:00
EulerOS Virtualization 3.0.2.0 : glib2 (EulerOS-SA-2023-1701)
2023-05-07 00:00:00
SUSE SLED12 / SLES12 Security Update : glib2 (SUSE-SU-2022:0828-1)
2022-03-17 00:00:00
veracode
veracode
Privilege Escalation
2021-11-17 22:36:12
cve
cve
CVE-2021-3800
2022-08-23 16:15:09
redhatcve
redhatcve
CVE-2021-3800
2021-10-05 18:00:54
cloudlinux
cloudlinux
Fix of CVE: CVE-2021-3800
2022-01-13 14:29:56
cloudfoundry
cloudfoundry
USN-5189-1: GLib vulnerability | Cloud Foundry
2022-01-20 00:00:00
amazon
amazon
Medium: glib2
2023-05-25 17:41:00
Important: glib2
2023-04-27 16:19:00
gitlab
gitlab
Files or Directories Accessible to External Parties
2022-08-23 00:00:00
debiancve
debiancve
CVE-2021-3800
2022-08-23 16:15:09
broadcom
broadcom
ubuntucve
ubuntucve
CVE-2021-3800
2021-11-02 00:00:00
debian
debian
[SECURITY] [DLA 3110-1] glib2.0 security update
2022-09-15 12:57:02
cvelist
cvelist
CVE-2021-3800
2022-08-23 00:00:00
prion
prion
Design/Logic Flaw
2022-08-23 16:15:00
photon
photon
Critical Photon OS Security Update - PHSA-2022-0300
2022-12-16 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0300
2022-12-16 00:00:00
Important Photon OS Security Update - PHSA-2022-3.0-0449
2022-09-09 00:00:00
rocky
rocky
glib2 security and bug fix update
2021-11-09 09:16:02
redhat
redhat
(RHSA-2021:4385) Moderate: glib2 security and bug fix update
2021-11-09 09:16:02
(RHSA-2022:0434) Moderate: Release of OpenShift Serverless 1.20.0
2022-02-03 17:07:25
almalinux
almalinux
Moderate: glib2 security and bug fix update
2021-11-09 09:16:02
oraclelinux
oraclelinux
glib2 security and bug fix update
2021-11-16 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: qt5-qtwebengine-5.15.8-2.fc35
2022-01-30 01:44:13
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
31.6%
Related for NVD:CVE-2021-3800