{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-13601", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2025-11-24T12:54:51.473Z", "datePublished": "2025-11-26T14:44:22.680Z", "dateUpdated": "2026-02-19T01:07:34.125Z"}, "containers": {"cna": {"title": "Glib: integer overflow in in g_escape_uri_string()", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string."}], "affected": [{"versions": [{"status": "affected", "version": "0", "lessThan": "2.86.3", "versionType": "semver"}], "packageName": "glib", "collectionURL": "https://gitlab.gnome.org/GNOME/glib/", "defaultStatus": "unaffected"}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "glib2", "defaultStatus": "affected", "versions": [{"version": "0:2.80.4-10.el10_1.12", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:enterprise_linux:10.1"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10.0 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "glib2", "defaultStatus": "affected", "versions": [{"version": "0:2.80.4-4.el10_0.8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:enterprise_linux_eus:10.0"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "glib2", "defaultStatus": "affected", "versions": [{"version": "0:2.56.1-11.el7_9", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhel_els:7"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "glib2", "defaultStatus": "affected", "versions": [{"version": "0:2.56.4-168.el8_10", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:8::crb", "cpe:/o:redhat:enterprise_linux:8::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "glib2", "defaultStatus": "affected", "versions": [{"version": "0:2.56.4-8.el8_2.4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhel_aus:8.2::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "glib2", "defaultStatus": "affected", "versions": [{"version": "0:2.56.4-10.el8_4.4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "cpe:/o:redhat:rhel_aus:8.4::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "glib2", "defaultStatus": "affected", "versions": [{"version": "0:2.56.4-10.el8_4.4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "cpe:/o:redhat:rhel_aus:8.4::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "glib2", "defaultStatus": "affected", "versions": [{"version": "0:2.56.4-158.el8_6.4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhel_aus:8.6::baseos", "cpe:/o:redhat:rhel_e4s:8.6::baseos", "cpe:/o:redhat:rhel_tus:8.6::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "glib2", "defaultStatus": "affected", "versions": [{"version": "0:2.56.4-158.el8_6.4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhel_aus:8.6::baseos", "cpe:/o:redhat:rhel_e4s:8.6::baseos", "cpe:/o:redhat:rhel_tus:8.6::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "glib2", "defaultStatus": "affected", "versions": [{"version": "0:2.56.4-158.el8_6.4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhel_aus:8.6::baseos", "cpe:/o:redhat:rhel_e4s:8.6::baseos", "cpe:/o:redhat:rhel_tus:8.6::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "glib2", "defaultStatus": "affected", "versions": [{"version": "0:2.56.4-164.el8_8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhel_e4s:8.8::baseos", "cpe:/o:redhat:rhel_tus:8.8::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "glib2", "defaultStatus": "affected", "versions": [{"version": "0:2.56.4-164.el8_8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhel_e4s:8.8::baseos", "cpe:/o:redhat:rhel_tus:8.8::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "glib2", "defaultStatus": "affected", "versions": [{"version": "0:2.68.4-18.el9_7.1", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::crb"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "glib2", "defaultStatus": "affected", "versions": [{"version": "0:2.68.4-18.el9_7.1", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::crb"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "glib2", "defaultStatus": "affected", "versions": [{"version": "0:2.68.4-5.el9_0.4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:9.0::appstream", "cpe:/o:redhat:rhel_e4s:9.0::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "glib2", "defaultStatus": "affected", "versions": [{"version": "0:2.68.4-7.el9_2.4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:9.2::appstream", "cpe:/o:redhat:rhel_e4s:9.2::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.4 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "glib2", "defaultStatus": "affected", "versions": [{"version": "0:2.68.4-14.el9_4.5", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_eus:9.4::crb", "cpe:/a:redhat:rhel_eus:9.4::appstream", "cpe:/o:redhat:rhel_eus:9.4::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.6 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "glib2", "defaultStatus": "affected", "versions": [{"version": "0:2.68.4-16.el9_6.4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_eus:9.6::appstream", "cpe:/o:redhat:rhel_eus:9.6::baseos", "cpe:/a:redhat:rhel_eus:9.6::crb"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.12", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhcos", "defaultStatus": "affected", "versions": [{"version": "412.86.202602021310-0", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.12::el8"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.16", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhcos", "defaultStatus": "affected", "versions": [{"version": "416.94.202602101357-0", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.16::el9"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.17", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhcos", "defaultStatus": "affected", "versions": [{"version": "417.94.202602090846-0", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.18", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhcos", "defaultStatus": "affected", "versions": [{"version": "418.94.202602022246-0", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.18::el9"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.19", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhcos", "defaultStatus": "affected", "versions": [{"version": "9.6.20260211-0", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.19::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Ceph Storage 8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhceph/rhceph-8-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:ceph_storage:8::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Discovery 2", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "discovery/discovery-server-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:discovery:2::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Discovery 2", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "discovery/discovery-ui-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:discovery:2::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Insights proxy 1.5", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "insights-proxy/insights-proxy-container-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:insights_proxy:1.5::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Update Infrastructure 5", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhui5/cds-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhui:5::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Update Infrastructure 5", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhui5/haproxy-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhui:5::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Update Infrastructure 5", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhui5/installer-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhui:5::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Update Infrastructure 5", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhui5/rhua-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhui:5::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "mingw-glib2", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:10"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "glib2", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:6"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "mingw-glib2", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:8"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "mingw-glib2", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:9"]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2026:0936", "name": "RHSA-2026:0936", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:0975", "name": "RHSA-2026:0975", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:0991", "name": "RHSA-2026:0991", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1323", "name": "RHSA-2026:1323", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1324", "name": "RHSA-2026:1324", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1326", "name": "RHSA-2026:1326", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1327", "name": "RHSA-2026:1327", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1465", "name": "RHSA-2026:1465", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1608", "name": "RHSA-2026:1608", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1624", "name": "RHSA-2026:1624", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1625", "name": "RHSA-2026:1625", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1626", "name": "RHSA-2026:1626", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1627", "name": "RHSA-2026:1627", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1652", "name": "RHSA-2026:1652", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1736", "name": "RHSA-2026:1736", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:2064", "name": "RHSA-2026:2064", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:2072", "name": "RHSA-2026:2072", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:2485", "name": "RHSA-2026:2485", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:2563", "name": "RHSA-2026:2563", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:2633", "name": "RHSA-2026:2633", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:2659", "name": "RHSA-2026:2659", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:2671", "name": "RHSA-2026:2671", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2025-13601", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416741", "name": "RHBZ#2416741", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3827"}, {"url": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914"}], "datePublic": "2025-11-24T13:00:15.295Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-190", "description": "Integer Overflow or Wraparound", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound", "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}], "timeline": [{"lang": "en", "time": "2025-11-24T12:49:28.274Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2025-11-24T13:00:15.295Z", "value": "Made public."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-02-19T01:07:34.125Z"}, "x_generator": {"engine": "cvelib 1.8.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-11-26T14:58:08.094570Z", "id": "CVE-2025-13601", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-26T15:02:42.504Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-13601", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-11-26T14:58:08.094570Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-26T14:58:11.050Z"}}], "cna": {"title": "Glib: integer overflow in in g_escape_uri_string()", "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.7, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"versions": [{"status": "affected", "version": "0", "lessThan": "2.86.3", "versionType": "semver"}], "packageName": "glib", "collectionURL": "https://gitlab.gnome.org/GNOME/glib/", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:10.1"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "versions": [{"status": "unaffected", "version": "0:2.80.4-10.el10_1.12", "lessThan": "*", "versionType": "rpm"}], "packageName": "glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux_eus:10.0"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10.0 Extended Update Support", "versions": [{"status": "unaffected", "version": "0:2.80.4-4.el10_0.8", "lessThan": "*", "versionType": "rpm"}], "packageName": "glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:rhel_els:7"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "versions": [{"status": "unaffected", "version": "0:2.56.1-11.el7_9", "lessThan": "*", "versionType": "rpm"}], "packageName": "glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:8::crb", "cpe:/o:redhat:enterprise_linux:8::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "versions": [{"status": "unaffected", "version": "0:2.56.4-168.el8_10", "lessThan": "*", "versionType": "rpm"}], "packageName": "glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:rhel_aus:8.2::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "versions": [{"status": "unaffected", "version": "0:2.56.4-8.el8_2.4", "lessThan": "*", "versionType": "rpm"}], "packageName": "glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "cpe:/o:redhat:rhel_aus:8.4::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "versions": [{"status": "unaffected", "version": "0:2.56.4-10.el8_4.4", "lessThan": "*", "versionType": "rpm"}], "packageName": "glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "cpe:/o:redhat:rhel_aus:8.4::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On", "versions": [{"status": "unaffected", "version": "0:2.56.4-10.el8_4.4", "lessThan": "*", "versionType": "rpm"}], "packageName": "glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:rhel_aus:8.6::baseos", "cpe:/o:redhat:rhel_e4s:8.6::baseos", "cpe:/o:redhat:rhel_tus:8.6::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "versions": [{"status": "unaffected", "version": "0:2.56.4-158.el8_6.4", "lessThan": "*", "versionType": "rpm"}], "packageName": "glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:rhel_aus:8.6::baseos", "cpe:/o:redhat:rhel_e4s:8.6::baseos", "cpe:/o:redhat:rhel_tus:8.6::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "versions": [{"status": "unaffected", "version": "0:2.56.4-158.el8_6.4", "lessThan": "*", "versionType": "rpm"}], "packageName": "glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:rhel_aus:8.6::baseos", "cpe:/o:redhat:rhel_e4s:8.6::baseos", "cpe:/o:redhat:rhel_tus:8.6::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "0:2.56.4-158.el8_6.4", "lessThan": "*", "versionType": "rpm"}], "packageName": "glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:rhel_e4s:8.8::baseos", "cpe:/o:redhat:rhel_tus:8.8::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "versions": [{"status": "unaffected", "version": "0:2.56.4-164.el8_8", "lessThan": "*", "versionType": "rpm"}], "packageName": "glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:rhel_e4s:8.8::baseos", "cpe:/o:redhat:rhel_tus:8.8::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "0:2.56.4-164.el8_8", "lessThan": "*", "versionType": "rpm"}], "packageName": "glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::crb"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "versions": [{"status": "unaffected", "version": "0:2.68.4-18.el9_7.1", "lessThan": "*", "versionType": "rpm"}], "packageName": "glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::crb"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "versions": [{"status": "unaffected", "version": "0:2.68.4-18.el9_7.1", "lessThan": "*", "versionType": "rpm"}], "packageName": "glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:9.0::appstream", "cpe:/o:redhat:rhel_e4s:9.0::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "0:2.68.4-5.el9_0.4", "lessThan": "*", "versionType": "rpm"}], "packageName": "glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:9.2::appstream", "cpe:/o:redhat:rhel_e4s:9.2::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "0:2.68.4-7.el9_2.4", "lessThan": "*", "versionType": "rpm"}], "packageName": "glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_eus:9.4::crb", "cpe:/a:redhat:rhel_eus:9.4::appstream", "cpe:/o:redhat:rhel_eus:9.4::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.4 Extended Update Support", "versions": [{"status": "unaffected", "version": "0:2.68.4-14.el9_4.5", "lessThan": "*", "versionType": "rpm"}], "packageName": "glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_eus:9.6::appstream", "cpe:/o:redhat:rhel_eus:9.6::baseos", "cpe:/a:redhat:rhel_eus:9.6::crb"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.6 Extended Update Support", "versions": [{"status": "unaffected", "version": "0:2.68.4-16.el9_6.4", "lessThan": "*", "versionType": "rpm"}], "packageName": "glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.12::el8"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.12", "versions": [{"status": "unaffected", "version": "412.86.202602021310-0", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhcos", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.16::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.16", "versions": [{"status": "unaffected", "version": "416.94.202602101357-0", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhcos", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.17::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.17", "versions": [{"status": "unaffected", "version": "417.94.202602090846-0", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhcos", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.18::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.18", "versions": [{"status": "unaffected", "version": "418.94.202602022246-0", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhcos", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.19::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.19", "versions": [{"status": "unaffected", "version": "9.6.20260211-0", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhcos", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:ceph_storage:8::el9"], "vendor": "Red Hat", "product": "Red Hat Ceph Storage 8", "versions": [{"status": "unaffected", "version": "sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhceph/rhceph-8-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:discovery:2::el9"], "vendor": "Red Hat", "product": "Red Hat Discovery 2", "versions": [{"status": "unaffected", "version": "sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8", "lessThan": "*", "versionType": "rpm"}], "packageName": "discovery/discovery-server-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:discovery:2::el9"], "vendor": "Red Hat", "product": "Red Hat Discovery 2", "versions": [{"status": "unaffected", "version": "sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6", "lessThan": "*", "versionType": "rpm"}], "packageName": "discovery/discovery-ui-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:insights_proxy:1.5::el9"], "vendor": "Red Hat", "product": "Red Hat Insights proxy 1.5", "versions": [{"status": "unaffected", "version": "sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016", "lessThan": "*", "versionType": "rpm"}], "packageName": "insights-proxy/insights-proxy-container-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhui:5::el9"], "vendor": "Red Hat", "product": "Red Hat Update Infrastructure 5", "versions": [{"status": "unaffected", "version": "sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhui5/cds-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhui:5::el9"], "vendor": "Red Hat", "product": "Red Hat Update Infrastructure 5", "versions": [{"status": "unaffected", "version": "sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhui5/haproxy-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhui:5::el9"], "vendor": "Red Hat", "product": "Red Hat Update Infrastructure 5", "versions": [{"status": "unaffected", "version": "sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhui5/installer-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhui:5::el9"], "vendor": "Red Hat", "product": "Red Hat Update Infrastructure 5", "versions": [{"status": "unaffected", "version": "sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhui5/rhua-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:10"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "packageName": "mingw-glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:6"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "packageName": "glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "packageName": "mingw-glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:9"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "packageName": "mingw-glib2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}], "timeline": [{"lang": "en", "time": "2025-11-24T12:49:28.274Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2025-11-24T13:00:15.295Z", "value": "Made public."}], "datePublic": "2025-11-24T13:00:15.295Z", "references": [{"url": "https://access.redhat.com/errata/RHSA-2026:0936", "name": "RHSA-2026:0936", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:0975", "name": "RHSA-2026:0975", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:0991", "name": "RHSA-2026:0991", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1323", "name": "RHSA-2026:1323", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1324", "name": "RHSA-2026:1324", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1326", "name": "RHSA-2026:1326", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1327", "name": "RHSA-2026:1327", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1465", "name": "RHSA-2026:1465", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1608", "name": "RHSA-2026:1608", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1624", "name": "RHSA-2026:1624", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1625", "name": "RHSA-2026:1625", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1626", "name": "RHSA-2026:1626", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1627", "name": "RHSA-2026:1627", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1652", "name": "RHSA-2026:1652", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:1736", "name": "RHSA-2026:1736", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:2064", "name": "RHSA-2026:2064", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:2072", "name": "RHSA-2026:2072", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:2485", "name": "RHSA-2026:2485", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:2563", "name": "RHSA-2026:2563", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:2633", "name": "RHSA-2026:2633", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:2659", "name": "RHSA-2026:2659", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2026:2671", "name": "RHSA-2026:2671", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2025-13601", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416741", "name": "RHBZ#2416741", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3827"}, {"url": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914"}], "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}], "x_generator": {"engine": "cvelib 1.8.0"}, "descriptions": [{"lang": "en", "value": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-190", "description": "Integer Overflow or Wraparound"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-02-19T01:07:34.125Z"}, "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"}}, "cveMetadata": {"cveId": "CVE-2025-13601", "state": "PUBLISHED", "dateUpdated": "2026-02-19T01:07:34.125Z", "dateReserved": "2025-11-24T12:54:51.473Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2025-11-26T14:44:22.680Z", "assignerShortName": "redhat"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:codeready_linux_builder:9.0:*:*:*:*:*:aarch64:*", "matchCriteriaId": "7905C85D-4663-4485-99C1-202F4A7D6EBD", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*", "matchCriteriaId": "CA3C5EAE-267F-410F-8AFA-8F5B68A9E617", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "7B3D7389-35C1-48C4-A9EC-2564842723C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "D70C7263-C24B-4090-9E44-0E0CFD2294A1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0:*:*:*:*:*:aarch64:*", "matchCriteriaId": "1810D5FB-1AB2-4861-A671-CA548C2FFDC3", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*", "matchCriteriaId": "FB056B47-1F45-4CE4-81F6-872F66C24C29", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "E07C1C58-0E5F-4B56-9B8D-5DE67DB00F79", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_x86_64:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "5EE296A4-202C-41AF-92AB-AC0672EAFA90", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:10.0:*:*:*:*:*:aarch64:*", "matchCriteriaId": "EF8B4882-78F7-4DC5-BF80-983143DA0155", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:10.0_s390x:*:*:*:*:*:*:*", "matchCriteriaId": "FA2DB6C0-E18E-492A-B517-4020A7FB049A", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:10.0_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "6FAC9D08-6D5C-443D-99C7-6FD20AF83523", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "D791EEA5-68D1-41E0-A53D-8EBB9C6CF873", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:10.0:*:*:*:*:*:aarch64:*", "matchCriteriaId": "18873769-C951-42F2-A98B-761652148F59", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:10.0_s390x:*:*:*:*:*:*:*", "matchCriteriaId": "8492E227-C09E-4F51-8EAF-0F7BCCD41A16", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:10.0_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "1FABD546-0E45-4A65-A2E5-50EC62B852E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_x86_64:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "5C4D6060-0C13-4976-A366-C4655367AA78", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:8.0:*:*:*:*:*:aarch64:*", "matchCriteriaId": "C70933CB-B915-4792-902B-CC858829D208", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*", "matchCriteriaId": "55CF7208-4D36-4C35-92BC-F6EA2C8DEDE1", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "F791F846-7762-40E0-9056-032FD10F2046", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F967F2F2-9B99-46D3-A092-F7AE41F5D5B6", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0:*:*:*:*:*:aarch64:*", "matchCriteriaId": "73F3D9DA-CEFB-471B-85A2-8652D37D7F30", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*", "matchCriteriaId": "32AF225E-94C0-4D07-900C-DD868C05F554", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "23D471AC-7DCA-4425-AD91-E5D928753A8C", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_x86_64:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "97104CED-E93B-49CE-81F8-810AF2A8A392", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.2:*:*:*:*:*:aarch64:*", "matchCriteriaId": "4ACBFE13-EF28-48EC-ACDC-AC3159C2AB67", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2_s390x:*:*:*:*:*:*:*", "matchCriteriaId": "2E068ABB-31C2-416E-974A-95E07A2BAB0A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.2_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "ED521457-498F-4E43-B714-9A3F2C3CD09A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_x86_64:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "66DA6342-8316-4961-9C2A-01D6DC51446A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.4:*:*:*:*:*:aarch64:*", "matchCriteriaId": "80A262F1-B05B-43BA-ABB2-0FDE68C16A8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.4_s390x:*:*:*:*:*:*:*", "matchCriteriaId": "1E1C5656-6A78-4DCD-A369-76DFD61618E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.4_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "D0002CB3-8004-4927-A92C-E7C1F83322E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64:9.4:*:*:*:*:*:*:*", "matchCriteriaId": "0F4B9984-698D-4A60-AB6C-3B4CCDD9697F", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.4:*:*:*:*:*:aarch64:*", "matchCriteriaId": "8B79BA89-CB0F-4153-9692-AA9BEA765076", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.4_s390x:*:*:*:*:*:*:*", "matchCriteriaId": "069180B4-BA50-4AD0-8BA9-83F8005E58BE", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.4_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "53EBD3B7-D31D-46A5-BDFA-178FDF79C776", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_x86_64:9.4:*:*:*:*:*:*:*", "matchCriteriaId": "A75E10C3-AA3F-43CD-AB14-16754619B48D", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:9.4:*:*:*:*:*:*:*", "matchCriteriaId": "E5EF3CEF-62CF-4860-8301-4154D2407236", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*", "matchCriteriaId": "39D345D3-108A-4551-A112-5EE51991411A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian:9.4_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "212A3822-46F7-4144-B875-349452A93F73", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "24105826-EBD2-4029-978B-B7176343C09C", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:10.0:*:*:*:*:*:aarch64:*", "matchCriteriaId": "C1FC4688-EE61-40B0-B36C-5B40A54FEB0E", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:10.0_s390x:*:*:*:*:*:*:*", "matchCriteriaId": "8E6DF379-2929-4F2B-A3F7-D32EF0A634B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:10.0_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "79B04B55-C375-4A04-88B6-307B5121538D", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64_eus:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "0AEA15D8-8BE8-4D4A-97C3-5F237CAB18DE", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:10.0:*:*:*:*:*:aarch64:*", "matchCriteriaId": "FC6F6213-7AE9-4454-B3CB-8AD6999C733E", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:10.0_s390x:*:*:*:*:*:*:*", "matchCriteriaId": "6D8456B7-F13F-4E74-B610-F1301B738A6C", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:10.0_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "189D490B-E674-4957-BD84-B0615A06FBF7", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "9ECE154D-05A8-43F6-AAEB-9EF460B3A721", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian:10.0_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "50CBF587-5E49-41B8-803E-3020142FF1A6", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.6:*:*:*:*:*:aarch64:*", "matchCriteriaId": "9B58B337-8F7B-4812-91BF-F26044EDF603", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.6_s390x:*:*:*:*:*:*:*", "matchCriteriaId": "D4A892AD-1CB2-42AC-B163-DB34613D8AF8", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.6_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "AC8564CF-FCAC-48AE-AE11-4AB7068197BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64:9.6:*:*:*:*:*:*:*", "matchCriteriaId": "241FE2FA-8B22-4878-B30A-81ABEFD29C2D", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.6:*:*:*:*:*:aarch64:*", "matchCriteriaId": "8E3BC071-331C-40FF-911C-699B83C9E874", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.6_s390x:*:*:*:*:*:*:*", "matchCriteriaId": "D284FF58-5ED8-4F0F-80BA-4E677256994A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.6_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "F1F38D24-E400-42E8-BBD3-CA44CE414D54", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.6_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "0516993E-CBD5-44F1-8684-7172C9ABFD0A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_x86_64:9.6:*:*:*:*:*:*:*", "matchCriteriaId": "DAF644CC-8CDF-4C0C-B40C-80106A479B58", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:9.6:*:*:*:*:*:*:*", "matchCriteriaId": "7254B894-CFCB-4599-8228-A3DD7C996489", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.6:*:*:*:*:*:*:*", "matchCriteriaId": "0FDD919E-B7FE-4EC5-8D6B-EC9A4723D6E2", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian:9.6_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "7BA517DC-CC2E-4F71-A753-3611747C2B03", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_x86_64:8.6:*:*:*:*:*:*:*", "matchCriteriaId": "C04BCAC6-85B4-45C3-9591-B8A3B95E0682", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:8.6:*:*:*:*:*:*:*", "matchCriteriaId": "DF4865A7-DD37-45C0-839E-AA07F47DD44F", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "matchCriteriaId": "76C24D94-834A-4E9D-8F73-624AFA99AAA2", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian:8.6_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "B5ACFD7D-558D-4E72-824B-3C890BE76086", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "matchCriteriaId": "1272DF03-7674-4BD4-8E64-94004B195448", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_x86_64:8.8:*:*:*:*:*:*:*", "matchCriteriaId": "7692F48F-F14D-452A-B145-761A28A65063", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:8.8:*:*:*:*:*:*:*", "matchCriteriaId": "439D3548-E194-4A99-8E39-EC1A7B1C0BAF", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian:8.8_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "C9F10F1F-5DA7-49FF-A8A7-524251699323", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*", "matchCriteriaId": "F1CA946D-1665-4874-9D41-C7D963DD1F56", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "A50F79DB-13DE-4725-962D-9487256F03EB", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "E28F226A-CBC7-4A32-BE58-398FA5B42481", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6897676D-53F9-45B3-B27F-7FF9A4C58D33", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:ceph_storage:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "52AE9D9D-5D74-4AB8-8FF9-5CEA2A1A97B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:discovery:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "46C0E53D-07D5-48BF-8749-637DACF255A5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnome:glib:*:*:*:*:*:*:*:*", "matchCriteriaId": "890566A0-619C-42E2-BD1D-9EFAC63E68F4", "versionEndExcluding": "2.86.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:*", "matchCriteriaId": "40449571-22F8-44FA-B57B-B43F71AB25E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.16:*:*:*:*:*:*:*", "matchCriteriaId": "0EBB38E1-4161-402D-8A37-74D92891AAC5", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.17:*:*:*:*:*:*:*", "matchCriteriaId": "F4B66318-326A-43E4-AF14-015768296E4E", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.18:*:*:*:*:*:*:*", "matchCriteriaId": "710DD65D-7740-4D21-9078-5242C034B00B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.19:*:*:*:*:*:*:*", "matchCriteriaId": "F6DB92CE-A718-4162-A212-6EB15EFE9470", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.12:*:*:*:*:*:*:*", "matchCriteriaId": "E52D8667-D64B-4E4D-972F-089A2D834C34", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.16:*:*:*:*:*:*:*", "matchCriteriaId": "D3056B67-E5C4-40A0-86BF-1D9E6637B13F", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.17:*:*:*:*:*:*:*", "matchCriteriaId": "5E33CF29-5075-467C-8F38-D7144262CF8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.18:*:*:*:*:*:*:*", "matchCriteriaId": "68CE620D-7572-4194-87C0-E278BDC2AED3", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.19:*:*:*:*:*:*:*", "matchCriteriaId": "31D15414-0D1A-43E2-A7F5-30EE5A97F9E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.12:*:*:*:*:*:*:*", "matchCriteriaId": "352D5845-975E-4B7F-A44D-4F99D43450BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.16:*:*:*:*:*:*:*", "matchCriteriaId": "F1C47559-7265-4185-84B5-D8D2B177E08A", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.17:*:*:*:*:*:*:*", "matchCriteriaId": "E0D104DE-8FF4-4CD1-A698-3A5296956FCE", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.18:*:*:*:*:*:*:*", "matchCriteriaId": "FECE0715-303D-4696-9145-0CF6E0CBCDCC", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.19:*:*:*:*:*:*:*", "matchCriteriaId": "4B4807AE-AFE5-4036-ADFC-0AD635551605", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.12:*:*:*:*:*:*:*", "matchCriteriaId": "1E5E9340-DD85-4B10-9A1D-9021C95229A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.16:*:*:*:*:*:*:*", "matchCriteriaId": "ABEED453-F241-4841-A5AE-8BFFA587119F", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.17:*:*:*:*:*:*:*", "matchCriteriaId": "ACED494B-3DE5-41E2-A775-DEFEA19E92FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.18:*:*:*:*:*:*:*", "matchCriteriaId": "D260BEC4-3932-4F7E-8C2B-2472C320373A", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.19:*:*:*:*:*:*:*", "matchCriteriaId": "C17BE9D3-0C33-4240-A7D7-DA5094E152D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.12:*:*:*:*:*:*:*", "matchCriteriaId": "2127E592-F973-4244-9793-680736EC5313", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.16:*:*:*:*:*:*:*", "matchCriteriaId": "0EC48A26-5827-4EC0-BE90-EA25F0A9B56C", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.17:*:*:*:*:*:*:*", "matchCriteriaId": "57C161A1-56C7-4090-989D-F1784F1F4E54", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.18:*:*:*:*:*:*:*", "matchCriteriaId": "7F398F24-4233-4914-B063-5F586D843DA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.19:*:*:*:*:*:*:*", "matchCriteriaId": "D408B9F4-3E3A-4FD6-AA48-785A8C77E197", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string."}], "id": "CVE-2025-13601", "lastModified": "2026-02-24T21:44:18.757", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.2, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2025-11-26T15:15:51.723", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:0936"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:0975"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:0991"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:1323"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:1324"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:1326"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:1327"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:1465"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:1608"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:1624"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:1625"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:1626"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:1627"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:1652"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:1736"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:2064"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:2072"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:2485"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:2563"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:2633"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:2659"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2026:2671"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2025-13601"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416741"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Issue Tracking"], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3827"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"bugzilla": {"description": "glib: Integer overflow in in g_escape_uri_string()", "id": "2416741", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416741"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "status": "draft"}, "cwe": "CWE-190", "details": ["A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string."], "name": "CVE-2025-13601", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "glib2", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "mingw-glib2", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "glib2", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "glib2", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "glib2", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "mingw-glib2", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "glib2", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "mingw-glib2", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "rhcos", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2025-11-24T13:00:15Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-13601\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-13601\nhttps://gitlab.gnome.org/GNOME/glib/-/issues/3827\nhttps://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914"], "threat_severity": "Moderate"}

{}