CVE-2025-13601

Medienbericht

Exploit

EPSS 0.01%
Veröffentlicht 26.11.2025 14:44:22
Zuletzt bearbeitet 19.03.2026 06:16:24
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 33

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Redhat ≫ Codeready Linux Builder Version9.0 HwPlatformaarch64

Redhat ≫ Codeready Linux Builder For Ibm Z Systems Version9.0_s390x

Redhat ≫ Codeready Linux Builder For Power Little Endian Version9.0_ppc64le

Redhat ≫ Codeready Linux Builder For X86 64 Version9.0

Redhat ≫ Enterprise Linux For Arm 64 Version9.0 HwPlatformaarch64

Redhat ≫ Enterprise Linux For Ibm Z Systems Version9.0_s390x

Redhat ≫ Enterprise Linux For Power Little Endian Version9.0_ppc64le

Redhat ≫ Enterprise Linux For X86 64 Version9.0

Redhat ≫ Codeready Linux Builder For Arm64 Version10.0 HwPlatformaarch64

Redhat ≫ Codeready Linux Builder For Ibm Z Systems Version10.0_s390x

Redhat ≫ Codeready Linux Builder For Power Little Endian Version10.0_ppc64le

Redhat ≫ Codeready Linux Builder For X86 64 Version10.0

Redhat ≫ Enterprise Linux For Arm 64 Version10.0 HwPlatformaarch64

Redhat ≫ Enterprise Linux For Ibm Z Systems Version10.0_s390x

Redhat ≫ Enterprise Linux For Power Little Endian Version10.0_ppc64le

Redhat ≫ Enterprise Linux For X86 64 Version10.0

Redhat ≫ Codeready Linux Builder For Arm64 Version8.0 HwPlatformaarch64

Redhat ≫ Codeready Linux Builder For Ibm Z Systems Version8.0_s390x

Redhat ≫ Codeready Linux Builder For Power Little Endian Version8.0_ppc64le

Redhat ≫ Codeready Linux Builder For X86 64 Version8.0

Redhat ≫ Enterprise Linux For Arm 64 Version8.0 HwPlatformaarch64

Redhat ≫ Enterprise Linux For Ibm Z Systems Version8.0_s390x

Redhat ≫ Enterprise Linux For Power Little Endian Version8.0_ppc64le

Redhat ≫ Enterprise Linux For X86 64 Version8.0

Redhat ≫ Enterprise Linux For Arm 64 Version9.2 HwPlatformaarch64

Redhat ≫ Enterprise Linux For Ibm Z Systems Version9.2_s390x

Redhat ≫ Enterprise Linux For Power Little Endian Version9.2_ppc64le

Redhat ≫ Enterprise Linux For X86 64 Version9.2

Redhat ≫ Enterprise Linux Server Aus Version9.2

Redhat ≫ Codeready Linux Builder For Arm64 Eus Version9.4 HwPlatformaarch64

Redhat ≫ Codeready Linux Builder For Ibm Z Systems Version9.4_s390x

Redhat ≫ Codeready Linux Builder For Power Little Endian Version9.4_ppc64le

Redhat ≫ Codeready Linux Builder For X86 64 Version9.4

Redhat ≫ Enterprise Linux For Arm 64 Version9.4 HwPlatformaarch64

Redhat ≫ Enterprise Linux For Ibm Z Systems Version9.4_s390x

Redhat ≫ Enterprise Linux For Power Little Endian Version9.4_ppc64le

Redhat ≫ Enterprise Linux For X86 64 Version9.4

Redhat ≫ Enterprise Linux For X86 64 Eus Version9.4

Redhat ≫ Enterprise Linux Server Aus Version9.4

Redhat ≫ Enterprise Linux Server For Power Little Endian Version9.4_ppc64le

Redhat ≫ Enterprise Linux Server For Power Little Endian Eus Version9.4_ppc64le

Redhat ≫ Codeready Linux Builder For Arm64 Eus Version10.0 HwPlatformaarch64

Redhat ≫ Codeready Linux Builder For Ibm Z Systems Eus Version10.0_s390x

Redhat ≫ Codeready Linux Builder For Power Little Endian Eus Version10.0_ppc64le

Redhat ≫ Codeready Linux Builder For X86 64 Eus Version10.0

Redhat ≫ Enterprise Linux For Arm 64 Eus Version10.0 HwPlatformaarch64

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version10.0_s390x

Redhat ≫ Enterprise Linux For Power Little Endian Eus Version10.0_ppc64le

Redhat ≫ Enterprise Linux For X86 64 Eus Version10.0

Redhat ≫ Enterprise Linux Server For Power Little Endian Version10.0_ppc64le

Redhat ≫ Codeready Linux Builder For Arm64 Version9.6 HwPlatformaarch64

Redhat ≫ Codeready Linux Builder For Ibm Z Systems Version9.6_s390x

Redhat ≫ Codeready Linux Builder For Power Little Endian Version9.6_ppc64le

Redhat ≫ Codeready Linux Builder For X86 64 Version9.6

Redhat ≫ Enterprise Linux For Arm 64 Version9.6 HwPlatformaarch64

Redhat ≫ Enterprise Linux For Ibm Z Systems Version9.6_s390x

Redhat ≫ Enterprise Linux For Power Little Endian Version9.6_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Eus Version9.6_ppc64le

Redhat ≫ Enterprise Linux For X86 64 Version9.6

Redhat ≫ Enterprise Linux For X86 64 Eus Version9.6

Redhat ≫ Enterprise Linux Server Aus Version9.6

Redhat ≫ Enterprise Linux Server For Power Little Endian Version9.6_ppc64le

Redhat ≫ Enterprise Linux For X86 64 Version8.6

Redhat ≫ Enterprise Linux For X86 64 Eus Version8.6

Redhat ≫ Enterprise Linux Server Aus Version8.6

Redhat ≫ Enterprise Linux Server For Power Little Endian Version8.6_ppc64le

Redhat ≫ Enterprise Linux Server Tus Version8.6

Redhat ≫ Enterprise Linux For X86 64 Version8.8

Redhat ≫ Enterprise Linux For X86 64 Eus Version8.8

Redhat ≫ Enterprise Linux Server For Power Little Endian Version8.8_ppc64le

Redhat ≫ Enterprise Linux Server Tus Version8.8

Redhat ≫ Enterprise Linux For X86 64 Eus Version8.4

Redhat ≫ Enterprise Linux Server Aus Version8.4

Redhat ≫ Enterprise Linux Server Aus Version8.2

Redhat ≫ Ceph Storage Version8.0

Redhat ≫ Discovery Version2.0

Gnome ≫ Glib Version < 2.86.3

Redhat ≫ Openshift Container Platform Version4.12

Redhat ≫ Openshift Container Platform Version4.16

Redhat ≫ Openshift Container Platform Version4.17

Redhat ≫ Openshift Container Platform Version4.18

Redhat ≫ Openshift Container Platform Version4.19

Redhat ≫ Openshift Container Platform For Arm64 Version4.12

Redhat ≫ Openshift Container Platform For Arm64 Version4.16

Redhat ≫ Openshift Container Platform For Arm64 Version4.17

Redhat ≫ Openshift Container Platform For Arm64 Version4.18

Redhat ≫ Openshift Container Platform For Arm64 Version4.19

Redhat ≫ Openshift Container Platform For Ibm Z Version4.12

Redhat ≫ Openshift Container Platform For Ibm Z Version4.16

Redhat ≫ Openshift Container Platform For Ibm Z Version4.17

Redhat ≫ Openshift Container Platform For Ibm Z Version4.18

Redhat ≫ Openshift Container Platform For Ibm Z Version4.19

Redhat ≫ Openshift Container Platform For Linuxone Version4.12

Redhat ≫ Openshift Container Platform For Linuxone Version4.16

Redhat ≫ Openshift Container Platform For Linuxone Version4.17

Redhat ≫ Openshift Container Platform For Linuxone Version4.18

Redhat ≫ Openshift Container Platform For Linuxone Version4.19

Redhat ≫ Openshift Container Platform For Power Version4.12

Redhat ≫ Openshift Container Platform For Power Version4.16

Redhat ≫ Openshift Container Platform For Power Version4.17

Redhat ≫ Openshift Container Platform For Power Version4.18

Redhat ≫ Openshift Container Platform For Power Version4.19

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.007

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
secalert@redhat.com	7.7	2.5	5.2	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://www.heise.de/news/Angreifer-koennen-IBMs-IT-Sicherheitsloesung-QRadar-SIEM-crashen-lassen-11194529.html

Medienbericht

heise Security

02.03.2026 10:09

https://access.redhat.com/security/cve/CVE-2025-13601

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2416741

Vendor Advisory

Issue Tracking

https://gitlab.gnome.org/GNOME/glib/-/issues/3827

Exploit

Issue Tracking