CVE Catalog

CVE-2025-60018

MediumCVSS 4.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.29%

21th percentile - higher than 21% of all known CVEs

Summary

The OpenSSL backend in glib-networking fails to properly check the return value of a call to BIO_write(), resulting in an out-of-bounds read.

Risk Assessment

This vulnerability could allow an attacker to read sensitive data from memory or cause a crash in applications using glib-networking.

Recommendation

It is recommended to immediately update glib-networking to the latest available version containing the fix.

Original NVD description (English source)

glib-networking's OpenSSL backend fails to properly check the return value of a call to BIO_write(), resulting in an out of bounds read.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS