Fluid Attacks Database

Description

A vulnerability was found in GNOME gvdb. It has been classified as critical. This affects the function gvdb_table_write_contents_async of the file gvdb-builder.c. The manipulation leads to use after free. It is possible to initiate the attack remotely. The name of the patch is d83587b2a364eb9a9a53be7e6a708074e252de14. It is recommended to apply a patch to fix this issue. The identifier VDB-216789 was assigned to this vulnerability.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	epiphany-browser	>=0 <3.34.1-1	3.34.1-1
debian 12	epiphany-browser	>=0 <3.34.1-1	3.34.1-1
debian 13	epiphany-browser	>=0 <3.34.1-1	3.34.1-1
debian 14	epiphany-browser	>=0 <3.34.1-1	3.34.1-1
debian 11	glib2.0	>=0 <2.66.0-1	2.66.0-1
debian 12	glib2.0	>=0 <2.66.0-1	2.66.0-1
debian 13	glib2.0	>=0 <2.66.0-1	2.66.0-1
debian 14	glib2.0	>=0 <2.66.0-1	2.66.0-1

Aliases

1. CVE-2019-250852. NVD-2019-250853. OSV-DEBIAN-2019-250854. OSV-2019-250855. SECURITY-TRACKER-CVE-2019-25085

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.