Vulnerability Database

324,292

Total vulnerabilities in the database

CVE-2025-13601

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.

  • Published: Nov 26, 2025
  • Updated: Feb 7, 2026
  • CVE: CVE-2025-13601
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.7
  • AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWEs:

Software From Fixed in
redhat / codeready_linux_builder 9.0 9.0.x
redhat / codeready_linux_builder_for_ibm_z_systems 9.0_s390x 9.0_s390x.x
redhat / codeready_linux_builder_for_power_little_endian 9.0_ppc64le 9.0_ppc64le.x
redhat / codeready_linux_builder_for_x86_64 9.0 9.0.x
redhat / enterprise_linux_for_arm_64 9.0 9.0.x
redhat / enterprise_linux_for_ibm_z_systems 9.0_s390x 9.0_s390x.x
redhat / enterprise_linux_for_power_little_endian 9.0_ppc64le 9.0_ppc64le.x
redhat / enterprise_linux_for_x86_64 9.0 9.0.x
redhat / codeready_linux_builder_for_arm64 10.0 10.0.x
redhat / codeready_linux_builder_for_ibm_z_systems 10.0_s390x 10.0_s390x.x
redhat / codeready_linux_builder_for_power_little_endian 10.0_ppc64le 10.0_ppc64le.x
redhat / codeready_linux_builder_for_x86_64 10.0 10.0.x
redhat / enterprise_linux_for_arm_64 10.0 10.0.x
redhat / enterprise_linux_for_ibm_z_systems 10.0_s390x 10.0_s390x.x
redhat / enterprise_linux_for_power_little_endian 10.0_ppc64le 10.0_ppc64le.x
redhat / enterprise_linux_for_x86_64 10.0 10.0.x
redhat / codeready_linux_builder_for_arm64 8.0 8.0.x
redhat / codeready_linux_builder_for_ibm_z_systems 8.0_s390x 8.0_s390x.x
redhat / codeready_linux_builder_for_power_little_endian 8.0_ppc64le 8.0_ppc64le.x
redhat / codeready_linux_builder_for_x86_64 8.0 8.0.x
redhat / enterprise_linux_for_arm_64 8.0 8.0.x
redhat / enterprise_linux_for_ibm_z_systems 8.0_s390x 8.0_s390x.x
redhat / enterprise_linux_for_power_little_endian 8.0_ppc64le 8.0_ppc64le.x
redhat / enterprise_linux_for_x86_64 8.0 8.0.x
redhat / enterprise_linux_for_arm_64 9.2 9.2.x
redhat / enterprise_linux_for_ibm_z_systems 9.2_s390x 9.2_s390x.x
redhat / enterprise_linux_for_power_little_endian 9.2_ppc64le 9.2_ppc64le.x
redhat / enterprise_linux_for_x86_64 9.2 9.2.x
redhat / enterprise_linux_server_aus 9.2 9.2.x
redhat / codeready_linux_builder_for_arm64_eus 9.4 9.4.x
redhat / codeready_linux_builder_for_ibm_z_systems 9.4_s390x 9.4_s390x.x
redhat / codeready_linux_builder_for_power_little_endian 9.4_ppc64le 9.4_ppc64le.x
redhat / codeready_linux_builder_for_x86_64 9.4 9.4.x
redhat / enterprise_linux_for_arm_64 9.4 9.4.x
redhat / enterprise_linux_for_ibm_z_systems 9.4_s390x 9.4_s390x.x
redhat / enterprise_linux_for_power_little_endian 9.4_ppc64le 9.4_ppc64le.x
redhat / enterprise_linux_for_x86_64 9.4 9.4.x
redhat / enterprise_linux_for_x86_64_eus 9.4 9.4.x
redhat / enterprise_linux_server_aus 9.4 9.4.x
redhat / enterprise_linux_server_for_power_little_endian 9.4_ppc64le 9.4_ppc64le.x
redhat / enterprise_linux_server_for_power_little_endian_eus 9.4_ppc64le 9.4_ppc64le.x
redhat / codeready_linux_builder_for_arm64_eus 10.0 10.0.x
redhat / codeready_linux_builder_for_ibm_z_systems_eus 10.0_s390x 10.0_s390x.x
redhat / codeready_linux_builder_for_power_little_endian_eus 10.0_ppc64le 10.0_ppc64le.x
redhat / codeready_linux_builder_for_x86_64_eus 10.0 10.0.x
redhat / enterprise_linux_for_arm_64_eus 10.0 10.0.x
redhat / enterprise_linux_for_ibm_z_systems_eus 10.0_s390x 10.0_s390x.x
redhat / enterprise_linux_for_power_little_endian_eus 10.0_ppc64le 10.0_ppc64le.x
redhat / enterprise_linux_for_x86_64_eus 10.0 10.0.x
redhat / enterprise_linux_server_for_power_little_endian 10.0_ppc64le 10.0_ppc64le.x
redhat / codeready_linux_builder_for_arm64 9.6 9.6.x
redhat / codeready_linux_builder_for_ibm_z_systems 9.6_s390x 9.6_s390x.x
redhat / codeready_linux_builder_for_power_little_endian 9.6_ppc64le 9.6_ppc64le.x
redhat / codeready_linux_builder_for_x86_64 9.6 9.6.x
redhat / enterprise_linux_for_arm_64 9.6 9.6.x
redhat / enterprise_linux_for_ibm_z_systems 9.6_s390x 9.6_s390x.x
redhat / enterprise_linux_for_power_little_endian 9.6_ppc64le 9.6_ppc64le.x
redhat / enterprise_linux_for_power_little_endian_eus 9.6_ppc64le 9.6_ppc64le.x
redhat / enterprise_linux_for_x86_64 9.6 9.6.x
redhat / enterprise_linux_for_x86_64_eus 9.6 9.6.x
redhat / enterprise_linux_server_aus 9.6 9.6.x
redhat / enterprise_linux_server_for_power_little_endian 9.6_ppc64le 9.6_ppc64le.x
redhat / enterprise_linux_for_x86_64 8.6 8.6.x
redhat / enterprise_linux_for_x86_64_eus 8.6 8.6.x
redhat / enterprise_linux_server_aus 8.6 8.6.x
redhat / enterprise_linux_server_for_power_little_endian 8.6_ppc64le 8.6_ppc64le.x
redhat / enterprise_linux_server_tus 8.6 8.6.x
redhat / enterprise_linux_for_x86_64 8.8 8.8.x
redhat / enterprise_linux_for_x86_64_eus 8.8 8.8.x
redhat / enterprise_linux_server_for_power_little_endian 8.8_ppc64le 8.8_ppc64le.x
redhat / enterprise_linux_server_tus 8.8 8.8.x
redhat / enterprise_linux_for_x86_64_eus 8.4 8.4.x
redhat / enterprise_linux_server_aus 8.4 8.4.x
redhat / enterprise_linux_server_aus 8.2 8.2.x
redhat / ceph_storage 8.0 8.0.x
redhat / discovery 2.0 2.0.x
gnome / glib - 2.86.3