CVE-2021-28153

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-28153

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-28153.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-28153

Related

Published

2021-03-11T22:15:12Z

Modified

2024-09-18T03:14:08.696747Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

An issue was discovered in GNOME GLib before 2.66.8. When gfilereplace() is used with GFILECREATEREPLACEDESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is attacker-controlled. (If the path is a symlink to a file that already exists, then the contents of that file correctly remain unchanged.)

References

Affected packages

Alpine:v3.13 / glib

Package

Name: glib
Purl: pkg:apk/alpine/glib?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.66.6-r0

Affected versions

2.*

2.18.3-r0

2.18.4-r0

2.20.0-r0

2.20.3-r0

2.20.4-r0

2.20.4-r1

2.20.4-r2

2.20.5-r0

2.22.2-r0

2.22.4-r0

2.24.0-r0

2.24.0-r1

2.24.0-r2

2.24.0-r3

2.24.0-r4

2.24.2-r0

2.24.2-r1

2.25.17-r0

2.26.0-r0

2.26.0-r1

2.26.0-r2

2.27.92-r0

2.27.93-r0

2.28.0-r0

2.28.0-r1

2.28.8-r0

2.30.0-r0

2.30.0-r1

2.32.1-r0

2.32.1-r1

2.32.4-r0

2.34.0-r0

2.34.0-r1

2.34.0-r2

2.34.2-r0

2.34.3-r0

2.36.0-r0

2.36.1-r0

2.36.4-r0

2.38.0-r0

2.38.1-r0

2.38.1-r1

2.38.2-r0

2.40.0-r0

2.40.0-r1

2.42.0-r0

2.44.0-r0

2.44.0-r1

2.44.1-r0

2.44.1-r1

2.46.0-r0

2.46.0-r1

2.46.2-r0

2.46.2-r1

2.48.0-r0

2.48.0-r1

2.48.1-r0

2.48.1-r1

2.48.1-r2

2.48.1-r3

2.48.2-r0

2.50.0-r0

2.50.2-r0

2.50.2-r1

2.50.3-r0

2.52.0-r0

2.52.1-r0

2.54.0-r0

2.54.1-r0

2.54.2-r0

2.56.0-r0

2.56.1-r0

2.58.1-r0

2.58.1-r1

2.58.1-r2

2.58.1-r3

2.60.4-r0

2.60.5-r0

2.60.6-r0

2.60.7-r0

2.62.0-r0

2.62.1-r0

2.62.2-r0

2.62.3-r0

2.62.4-r0

2.62.4-r1

2.62.5-r0

2.62.5-r1

2.64.0-r0

2.64.1-r0

2.64.2-r0

2.64.2-r1

2.64.2-r2

2.64.2-r3

2.64.3-r0

2.64.3-r1

2.64.4-r0

2.64.5-r0

2.66.0-r0

2.66.1-r0

2.66.2-r0

2.66.3-r0

2.66.4-r0

Debian:11 / glib2.0

Package

Name: glib2.0
Purl: pkg:deb/debian/glib2.0?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.66.7-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / glib2.0

Package

Name: glib2.0
Purl: pkg:deb/debian/glib2.0?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.66.7-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / glib2.0

Package

Name: glib2.0
Purl: pkg:deb/debian/glib2.0?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.66.7-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/gnome/glib

Affected ranges

Type: GIT
Repo: https://github.com/gnome/glib
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

dde05fd4fcd1d96d1693723ae1d7f37ecd991215

Affected versions

2.*

2.20.0

2.20.1

2.21.1

2.21.2

2.21.3

2.21.4

2.21.5

2.21.6

2.22.0

2.22.2

2.23.0

2.23.1

2.23.2

2.23.3

2.23.4

2.23.5

2.23.6

2.24.0

2.25.0

2.25.10

2.25.11

2.25.12

2.25.13

2.25.14

2.25.15

2.25.2

2.25.3

2.25.4

2.25.5

2.25.6

2.25.8

2.25.9

2.27.0

2.27.1

2.27.2

2.27.3

2.27.5

2.27.90

2.27.91

2.27.92

2.27.93

2.28.0

2.29.10

2.29.12

2.29.14

2.29.16

2.29.18

2.29.2

2.29.4

2.29.6

2.29.8

2.29.90

2.31.0

2.31.10

2.31.12

2.31.14

2.31.16

2.31.18

2.31.2

2.31.20

2.31.22

2.31.4

2.31.6

2.31.8

2.32.0

2.32.1

2.33.1

2.33.10

2.33.12

2.33.14

2.33.2

2.33.3

2.33.4

2.33.6

2.33.8

2.34.0

2.35.1

2.35.2

2.35.3

2.35.4

2.35.6

2.35.7

2.35.8

2.35.9

2.36.0

2.37.0

2.37.1

2.37.2

2.37.3

2.37.4

2.37.5

2.37.6

2.37.7

2.37.92

2.37.93

2.38.0

2.39.0

2.39.1

2.39.2

2.39.3

2.39.4

2.39.90

2.39.91

2.39.92

2.41.1

2.41.2

2.41.3

2.41.4

2.41.5

2.42.0

2.43.0

2.43.1

2.43.2

2.43.3

2.43.4

2.43.90

2.43.91

2.43.92

2.45.1

2.45.2

2.45.3

2.45.4

2.45.5

2.45.6

2.45.7

2.45.8

2.46.0

2.47.1

2.47.2

2.47.3

2.47.4

2.47.5

2.47.6

2.47.92

2.48.0

2.49.1

2.49.2

2.49.3

2.49.4

2.49.5

2.49.6

2.49.7

2.50.0

2.50.1

2.51.0

2.51.1

2.51.2

2.51.3

2.51.4

2.51.5

2.52.0

2.53.1

2.53.2

2.53.3

2.53.4

2.53.5

2.53.6

2.53.7

2.54.0

2.55.0

2.55.1

2.56.0

2.57.1

2.57.2

2.57.3

2.58.0

2.59.0

2.59.1

2.59.2

2.59.3

2.60.0

2.61.0

2.61.1

2.61.2

2.61.3

2.62.0

2.63.0

2.63.1

2.63.2

2.63.3

2.63.4

2.63.5

2.63.6

2.64.0

2.65.0

2.65.1

2.65.2

2.65.3

2.66.0

2.66.1

2.66.2

2.66.3

2.66.4

2.66.5

2.66.6

2.66.7

Other

FOR_GNOME_0_99_1

GLIB_1_1_0

GLIB_1_1_1

GLIB_1_1_10

GLIB_1_1_11

GLIB_1_1_12

GLIB_1_1_13

GLIB_1_1_14

GLIB_1_1_15

GLIB_1_1_16

GLIB_1_1_2

GLIB_1_1_3

GLIB_1_1_3a

GLIB_1_1_4

GLIB_1_1_5

GLIB_1_1_6

GLIB_1_1_7

GLIB_1_1_8

GLIB_1_1_8a

GLIB_1_1_9

GLIB_1_2_0

GLIB_1_2_9PRE1

GLIB_1_3_0

GLIB_1_3_1

GLIB_1_3_10

GLIB_1_3_11

GLIB_1_3_12

GLIB_1_3_13

GLIB_1_3_14

GLIB_1_3_15

GLIB_1_3_2

GLIB_1_3_3

GLIB_1_3_4

GLIB_1_3_5

GLIB_1_3_6

GLIB_1_3_7

GLIB_1_3_8

GLIB_1_3_9

GLIB_2_0_0

GLIB_2_0_0_RC1

GLIB_2_0_1

GLIB_2_10_0

GLIB_2_10_1

GLIB_2_11_0

GLIB_2_11_1

GLIB_2_11_2

GLIB_2_11_3

GLIB_2_11_4

GLIB_2_12_0

GLIB_2_12_1

GLIB_2_12_2

GLIB_2_13_0

GLIB_2_13_1

GLIB_2_13_2

GLIB_2_13_3

GLIB_2_13_5

GLIB_2_13_6

GLIB_2_13_7

GLIB_2_14_0

GLIB_2_14_1

GLIB_2_14_2

GLIB_2_14_3

GLIB_2_15_1

GLIB_2_15_2

GLIB_2_15_3

GLIB_2_15_4

GLIB_2_15_5

GLIB_2_15_6

GLIB_2_16_1

GLIB_2_17_0

GLIB_2_17_1

GLIB_2_17_2

GLIB_2_17_3

GLIB_2_17_4

GLIB_2_17_5

GLIB_2_17_6

GLIB_2_17_7

GLIB_2_18_0

GLIB_2_18_1

GLIB_2_19_0

GLIB_2_19_1

GLIB_2_19_10

GLIB_2_19_2

GLIB_2_19_3

GLIB_2_19_4

GLIB_2_19_5

GLIB_2_19_6

GLIB_2_19_7

GLIB_2_19_8

GLIB_2_19_9

GLIB_2_1_3

GLIB_2_1_4

GLIB_2_1_5

GLIB_2_20_0

GLIB_2_2_0

GLIB_2_3_0

GLIB_2_3_1

GLIB_2_3_2

GLIB_2_3_3

GLIB_2_3_5

GLIB_2_3_6

GLIB_2_4_0

GLIB_2_4_1

GLIB_2_5_0

GLIB_2_5_1

GLIB_2_5_2

GLIB_2_5_3

GLIB_2_5_5

GLIB_2_5_6

GLIB_2_6_0

GLIB_2_6_1

GLIB_2_7_0

GLIB_2_7_1

GLIB_2_7_2

GLIB_2_7_3

GLIB_2_7_4

GLIB_2_7_5

GLIB_2_7_6

GLIB_2_7_7

GLIB_2_8_0

GLIB_2_8_1

GLIB_2_9_0

GLIB_2_9_1

GLIB_2_9_2

GLIB_2_9_3

GLIB_2_9_4

GLIB_2_9_5

GLIB_2_9_6

GLIB_GNOME_0_99_1

GLIB_VERSION_1_1_3

GNOME_PRINT_0_24

GOBJECT_GType_guint

GTK_2_5_4

GTK_2_7_4

GTK_ALL_1_3_6

PRE_CLEANUP

R_2_0_core

glib-2-0-branchpoint

glib-2-10-branchpoint

glib-2-12-branchpoint

glib-2-2-branchpoint

glib-2-4-branchpoint

glib-2-6-branchpoint

gobject_0_10_0

gobject_0_9_0

start

glib-2.*

glib-2.25.7