CVE-2025-3360

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-3360
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-3360.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-3360
Downstream
Related
Published
2025-04-07T13:15:43Z
Modified
2025-07-29T11:22:13.123115Z
Summary
[none]
Details

A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the gdatetimenewfrom_iso8601() function.

References

Affected packages

Debian:11 / glib2.0

Package

Name
glib2.0
Purl
pkg:deb/debian/glib2.0?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.66.8-1+deb11u6

Affected versions

2.*

2.66.8-1
2.66.8-1+deb11u1
2.66.8-1+deb11u2
2.66.8-1+deb11u3
2.66.8-1+deb11u4
2.66.8-1+deb11u5

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / glib2.0

Package

Name
glib2.0
Purl
pkg:deb/debian/glib2.0?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.74.6-2+deb12u6

Affected versions

2.*

2.74.6-2
2.74.6-2+deb12u1
2.74.6-2+deb12u2
2.74.6-2+deb12u3
2.74.6-2+deb12u4
2.74.6-2+deb12u5

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / glib2.0

Package

Name
glib2.0
Purl
pkg:deb/debian/glib2.0?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.84.1-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}