CVE-2023-32665

A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.

References

Affected packages

Git / github.com/gnome/glib

Affected ranges

Type

GIT

Repo

https://github.com/gnome/glib

Events

Introduced

Fixed

e35768fe299d6389f8f5eef15593762389d2c07d

Database specific

{
    "source": "CPE_FIELD",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.74.4"
        }
    ],
    "cpe": "cpe:2.3:a:gnome:glib:*:*:*:*:*:*:*:*"
}

Affected versions

2.*

2.20.0

2.20.1

2.21.1

2.21.2

2.21.3

2.21.4

2.21.5

2.21.6

2.22.0

2.22.2

2.23.0

2.23.1

2.23.2

2.23.3

2.23.4

2.23.5

2.23.6

2.24.0

2.25.0

2.25.10

2.25.11

2.25.12

2.25.13

2.25.14

2.25.15

2.25.2

2.25.3

2.25.4

2.25.5

2.25.6

2.25.8

2.25.9

2.27.0

2.27.1

2.27.2

2.27.3

2.27.5

2.27.90

2.27.91

2.27.92

2.27.93

2.28.0

2.29.10

2.29.12

2.29.14

2.29.16

2.29.18

2.29.4

2.29.6

2.29.8

2.29.90

2.31.0

2.31.10

2.31.12

2.31.14

2.31.16

2.31.18

2.31.2

2.31.20

2.31.22

2.31.4

2.31.6

2.31.8

2.32.0

2.32.1

2.33.1

2.33.10

2.33.12

2.33.14

2.33.2

2.33.3

2.33.4

2.33.6

2.33.8

2.34.0

2.35.1

2.35.2

2.35.3

2.35.4

2.35.6

2.35.7

2.35.8

2.35.9

2.36.0

2.37.0

2.37.1

2.37.2

2.37.3

2.37.4

2.37.5

2.37.6

2.37.7

2.37.92

2.37.93

2.38.0

2.39.0

2.39.1

2.39.2

2.39.3

2.39.4

2.39.90

2.39.91

2.39.92

2.41.1

2.41.2

2.41.3

2.41.4

2.41.5

2.42.0

2.43.0

2.43.1

2.43.2

2.43.3

2.43.4

2.43.90

2.43.91

2.43.92

2.45.1

2.45.2

2.45.3

2.45.4

2.45.5

2.45.6

2.45.7

2.45.8

2.46.0

2.47.1

2.47.2

2.47.3

2.47.4

2.47.5

2.47.6

2.47.92

2.48.0

2.49.1

2.49.2

2.49.3

2.49.4

2.49.5

2.49.6

2.49.7

2.50.0

2.50.1

2.51.0

2.51.1

2.51.2

2.51.3

2.51.4

2.51.5

2.52.0

2.53.1

2.53.2

2.53.3

2.53.4

2.53.5

2.53.6

2.53.7

2.54.0

2.55.0

2.55.1

2.56.0

2.57.1

2.57.2

2.57.3

2.58.0

2.59.0

2.59.1

2.59.2

2.59.3

2.60.0

2.61.0

2.61.1

2.61.2

2.61.3

2.62.0

2.63.0

2.63.1

2.63.2

2.63.3

2.63.4

2.63.5

2.63.6

2.64.0

2.65.0

2.65.1

2.65.2

2.65.3

2.66.0

2.67.0

2.67.1

2.67.2

2.67.3

2.67.4

2.67.5

2.67.6

2.68.0

2.69.0

2.69.1

2.69.2

2.69.3

2.70.0

2.71.0

2.71.1

2.71.2

2.71.3

2.72.0

2.73.0

2.73.1

2.73.2

2.73.3

2.74.0

2.74.1

2.74.2

2.74.3

Other

FOR_GNOME_0_99_1

GLIB_1_1_0

GLIB_1_1_1

GLIB_1_1_10

GLIB_1_1_11

GLIB_1_1_12

GLIB_1_1_13

GLIB_1_1_14

GLIB_1_1_15

GLIB_1_1_16

GLIB_1_1_2

GLIB_1_1_3

GLIB_1_1_3a

GLIB_1_1_4

GLIB_1_1_5

GLIB_1_1_6

GLIB_1_1_7

GLIB_1_1_8

GLIB_1_1_8a

GLIB_1_1_9

GLIB_1_2_0

GLIB_1_2_9PRE1

GLIB_1_3_0

GLIB_1_3_1

GLIB_1_3_10

GLIB_1_3_11

GLIB_1_3_12

GLIB_1_3_13

GLIB_1_3_14

GLIB_1_3_15

GLIB_1_3_2

GLIB_1_3_3

GLIB_1_3_4

GLIB_1_3_5

GLIB_1_3_6

GLIB_1_3_7

GLIB_1_3_8

GLIB_1_3_9

GLIB_2_0_0

GLIB_2_0_0_RC1

GLIB_2_0_1

GLIB_2_10_0

GLIB_2_10_1

GLIB_2_11_0

GLIB_2_11_1

GLIB_2_11_2

GLIB_2_11_3

GLIB_2_11_4

GLIB_2_12_0

GLIB_2_12_1

GLIB_2_12_2

GLIB_2_13_0

GLIB_2_13_1

GLIB_2_13_2

GLIB_2_13_3

GLIB_2_13_5

GLIB_2_13_6

GLIB_2_13_7

GLIB_2_14_0

GLIB_2_14_1

GLIB_2_14_2

GLIB_2_14_3

GLIB_2_15_1

GLIB_2_15_2

GLIB_2_15_3

GLIB_2_15_4

GLIB_2_15_5

GLIB_2_15_6

GLIB_2_16_1

GLIB_2_17_0

GLIB_2_17_1

GLIB_2_17_2

GLIB_2_17_3

GLIB_2_17_4

GLIB_2_17_5

GLIB_2_17_6

GLIB_2_17_7

GLIB_2_18_0

GLIB_2_18_1

GLIB_2_19_0

GLIB_2_19_1

GLIB_2_19_10

GLIB_2_19_2

GLIB_2_19_3

GLIB_2_19_4

GLIB_2_19_5

GLIB_2_19_6

GLIB_2_19_7

GLIB_2_19_8

GLIB_2_19_9

GLIB_2_1_3

GLIB_2_1_4

GLIB_2_1_5

GLIB_2_20_0

GLIB_2_2_0

GLIB_2_3_0

GLIB_2_3_1

GLIB_2_3_2

GLIB_2_3_3

GLIB_2_3_5

GLIB_2_3_6

GLIB_2_4_0

GLIB_2_4_1

GLIB_2_5_0

GLIB_2_5_1

GLIB_2_5_2

GLIB_2_5_3

GLIB_2_5_5

GLIB_2_5_6

GLIB_2_6_0

GLIB_2_6_1

GLIB_2_7_0

GLIB_2_7_1

GLIB_2_7_2

GLIB_2_7_3

GLIB_2_7_4

GLIB_2_7_5

GLIB_2_7_6

GLIB_2_7_7

GLIB_2_8_0

GLIB_2_8_1

GLIB_2_9_0

GLIB_2_9_1

GLIB_2_9_2

GLIB_2_9_3

GLIB_2_9_4

GLIB_2_9_5

GLIB_2_9_6

GLIB_GNOME_0_99_1

GLIB_VERSION_1_1_3

GNOME_PRINT_0_24

GOBJECT_GType_guint

GTK_2_5_4

GTK_2_7_4

GTK_ALL_1_3_6

PRE_CLEANUP

R_2_0_core

glib-2-0-branchpoint

glib-2-10-branchpoint

glib-2-12-branchpoint

glib-2-2-branchpoint

glib-2-4-branchpoint

glib-2-6-branchpoint

gobject_0_10_0

gobject_0_9_0

start

glib-2.*

glib-2.25.7

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-32665.json"