Fluid Attacks Database

Description

A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	glib2.0	>=0 <2.84.1-1	2.84.1-1
debian 11	glib2.0	=2.66.8-1 \|\| =2.66.8-1+deb11u1 \|\| =2.66.8-1+deb11u2 \|\| =2.66.8-1+deb11u3 \|\| =2.66.8-1+deb11u4 \|\| =2.66.8-1+deb11u5 \|\| >=0 <2.66.8-1+deb11u6	2.66.8-1+deb11u6
debian 12	glib2.0	=2.74.6-2 \|\| =2.74.6-2+deb12u1 \|\| =2.74.6-2+deb12u2 \|\| =2.74.6-2+deb12u3 \|\| =2.74.6-2+deb12u4 \|\| =2.74.6-2+deb12u5 \|\| >=0 <2.74.6-2+deb12u6	2.74.6-2+deb12u6
debian 13	glib2.0	>=0 <2.84.1-1	2.84.1-1
rpm rhel8	librsvg2	-	-
rpm rhel7	glib2	-	-
rpm rhel9	librsvg2	-	-
rpm rhel6	glib2	-	-
rpm rhel10	glib2	-	-
rpm rhel9	bootc	-	-

1-10 of 18

Aliases

1. CVE-2025-33602. NVD-2025-33603. OSV-DEBIAN-2025-33604. OSV-2025-33605. SECURITY-TRACKER-CVE-2025-3360

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.