CVE-2025-13601

Glib: integer overflow in g_escape_uri_string()

Published: 11/26/2025 Last updated: 4/19/2026 Reserved: 11/24/2025

A heap-based buffer overflow was found in glib, caused by an incorrect buffer size calculation in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, potentially leading to a write past the end of the newly allocated string.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Metrics

| Version | Score | Severity | Vector String |
|---------|-------|----------|---------------|
| 3.1 | 7.7 | High | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H |

Opam packages affected (1)

conf-glib-2

Products affected (79)

Product Vendor Version
Red Hat Discovery 2 Red Hat n/a
Red Hat Discovery 2 Red Hat n/a
Red Hat Discovery 2 Red Hat n/a
Red Hat Discovery 2 Red Hat n/a
n/a
Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat n/a
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat n/a
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Red Hat n/a
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat n/a
Red Hat Enterprise Linux 8.6 Telecommunications Update Service Red Hat n/a
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat n/a
Red Hat Enterprise Linux 8.8 Telecommunications Update Service Red Hat n/a
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Red Hat n/a
Red Hat Enterprise Linux 9 Red Hat n/a
Red Hat Enterprise Linux 9 Red Hat n/a
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Red Hat n/a
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Red Hat n/a
Red Hat Enterprise Linux 9.4 Extended Update Support Red Hat n/a
Red Hat Enterprise Linux 9.6 Extended Update Support Red Hat n/a
Red Hat Enterprise Linux 10 Red Hat n/a
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat n/a
Red Hat Enterprise Linux 7 Extended Lifecycle Support Red Hat n/a
Red Hat Enterprise Linux 8 Red Hat n/a
Red Hat Enterprise Linux 6 Red Hat n/a
Red Hat Hardened Images Red Hat n/a
Red Hat Enterprise Linux 10 Red Hat n/a
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat n/a
Red Hat Enterprise Linux 7 Extended Lifecycle Support Red Hat n/a
Red Hat Enterprise Linux 8 Red Hat n/a
Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat n/a
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat 13.0
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Red Hat n/a
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat n/a
Red Hat Enterprise Linux 8.6 Telecommunications Update Service Red Hat n/a
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat n/a
Red Hat Enterprise Linux 8.8 Telecommunications Update Service Red Hat n/a
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Red Hat n/a
Red Hat Enterprise Linux 9 Red Hat n/a
Red Hat Enterprise Linux 9 Red Hat n/a
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Red Hat n/a
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Red Hat n/a
Red Hat Enterprise Linux 9.4 Extended Update Support Red Hat n/a
Red Hat Enterprise Linux 9.6 Extended Update Support Red Hat n/a
Red Hat Enterprise Linux 6 Red Hat n/a
Red Hat Hardened Images Red Hat n/a
Red Hat Insights proxy 1.5 Red Hat n/a
Red Hat Insights proxy 1.5 Red Hat n/a
Red Hat Enterprise Linux 10 Red Hat n/a
Red Hat Enterprise Linux 8 Red Hat n/a
Red Hat Enterprise Linux 10 Red Hat <= 4.2.1
Red Hat Enterprise Linux 9 Red Hat n/a
Red Hat Enterprise Linux 9 Red Hat n/a
Red Hat Enterprise Linux 8 Red Hat n/a
Red Hat Ceph Storage 8 Red Hat n/a
Red Hat Ceph Storage 8 Red Hat n/a
Red Hat OpenShift Container Platform 4.17 Red Hat n/a
Red Hat OpenShift Container Platform 4.19 Red Hat n/a
Red Hat OpenShift Container Platform 4.13 Red Hat n/a
Red Hat OpenShift Container Platform 4.12 Red Hat n/a
Red Hat OpenShift Container Platform 4.16 Red Hat n/a
Red Hat OpenShift Container Platform 4.17 Red Hat n/a
Red Hat OpenShift Container Platform 4.18 Red Hat n/a
Red Hat OpenShift Container Platform 4.19 Red Hat n/a
Red Hat OpenShift Container Platform 4.15 Red Hat n/a
Red Hat OpenShift Container Platform 4.14 Red Hat n/a
Red Hat OpenShift Container Platform 4.12 Red Hat n/a
Red Hat OpenShift Container Platform 4.13 Red Hat n/a
Red Hat OpenShift Container Platform 4.14 Red Hat n/a
Red Hat OpenShift Container Platform 4.15 Red Hat n/a
Red Hat OpenShift Container Platform 4.16 Red Hat n/a
Red Hat OpenShift Container Platform 4.18 Red Hat n/a
Red Hat Update Infrastructure 5 Red Hat n/a
Red Hat Update Infrastructure 5 Red Hat n/a
Red Hat Update Infrastructure 5 Red Hat n/a
Red Hat Update Infrastructure 5 Red Hat n/a
Red Hat Update Infrastructure 5 Red Hat n/a
Red Hat Update Infrastructure 5 Red Hat n/a
Red Hat Update Infrastructure 5 Red Hat n/a
Red Hat Update Infrastructure 5 Red Hat n/a

References (59)