CVE-2025-13601

EUVD-2025-199720
A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.
| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 7.7 HIGH | LOCAL | LOW | NONE | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H |
| redhat | CNA | 7.7 HIGH | LOCAL | LOW | NONE | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H |

Base Score: CVSS 3.x
EPSS Score: Percentile: Unknown
Affected Products (NVD)

| Vendor | Product | Version |
|---|---|---|
| redhat | codeready_linux_builder | 9.0 |
| redhat | codeready_linux_builder_for_ibm_z_systems | 9.0_s390x:_s390x |
| redhat | codeready_linux_builder_for_power_little_endian | 9.0_ppc64le:_ppc64le |
| redhat | codeready_linux_builder_for_x86_64 | 9.0 |
| redhat | enterprise_linux_for_arm_64 | 9.0 |
| redhat | enterprise_linux_for_ibm_z_systems | 9.0_s390x:_s390x |
| redhat | enterprise_linux_for_power_little_endian | 9.0_ppc64le:_ppc64le |
| redhat | enterprise_linux_for_x86_64 | 9.0 |
| redhat | codeready_linux_builder_for_arm64 | 10.0 |
| redhat | codeready_linux_builder_for_ibm_z_systems | 10.0_s390x:_s390x |
| redhat | codeready_linux_builder_for_power_little_endian | 10.0_ppc64le:_ppc64le |
| redhat | codeready_linux_builder_for_x86_64 | 10.0 |
| redhat | enterprise_linux_for_arm_64 | 10.0 |
| redhat | enterprise_linux_for_ibm_z_systems | 10.0_s390x:_s390x |
| redhat | enterprise_linux_for_power_little_endian | 10.0_ppc64le:_ppc64le |
| redhat | enterprise_linux_for_x86_64 | 10.0 |
| redhat | codeready_linux_builder_for_arm64 | 8.0 |
| redhat | codeready_linux_builder_for_ibm_z_systems | 8.0_s390x:_s390x |
| redhat | codeready_linux_builder_for_power_little_endian | 8.0_ppc64le:_ppc64le |
| redhat | codeready_linux_builder_for_x86_64 | 8.0 |
| redhat | enterprise_linux_for_arm_64 | 8.0 |
| redhat | enterprise_linux_for_ibm_z_systems | 8.0_s390x:_s390x |
| redhat | enterprise_linux_for_power_little_endian | 8.0_ppc64le:_ppc64le |
| redhat | enterprise_linux_for_x86_64 | 8.0 |
| redhat | enterprise_linux_for_arm_64 | 9.2 |
| redhat | enterprise_linux_for_ibm_z_systems | 9.2_s390x:_s390x |
| redhat | enterprise_linux_for_power_little_endian | 9.2_ppc64le:_ppc64le |
| redhat | enterprise_linux_for_x86_64 | 9.2 |
| redhat | enterprise_linux_server_aus | 9.2 |
| redhat | codeready_linux_builder_for_arm64_eus | 9.4 |
| redhat | codeready_linux_builder_for_ibm_z_systems | 9.4_s390x:_s390x |
| redhat | codeready_linux_builder_for_power_little_endian | 9.4_ppc64le:_ppc64le |
| redhat | codeready_linux_builder_for_x86_64 | 9.4 |
| redhat | enterprise_linux_for_arm_64 | 9.4 |
| redhat | enterprise_linux_for_ibm_z_systems | 9.4_s390x:_s390x |
| redhat | enterprise_linux_for_power_little_endian | 9.4_ppc64le:_ppc64le |
| redhat | enterprise_linux_for_x86_64 | 9.4 |
| redhat | enterprise_linux_for_x86_64_eus | 9.4 |
| redhat | enterprise_linux_server_aus | 9.4 |
| redhat | enterprise_linux_server_for_power_little_endian | 9.4_ppc64le:_ppc64le |
| redhat | enterprise_linux_server_for_power_little_endian_eus | 9.4_ppc64le:_ppc64le |
| redhat | codeready_linux_builder_for_arm64_eus | 10.0 |
| redhat | codeready_linux_builder_for_ibm_z_systems_eus | 10.0_s390x:_s390x |
| redhat | codeready_linux_builder_for_power_little_endian_eus | 10.0_ppc64le:_ppc64le |
| redhat | codeready_linux_builder_for_x86_64_eus | 10.0 |
| redhat | enterprise_linux_for_arm_64_eus | 10.0 |
| redhat | enterprise_linux_for_ibm_z_systems_eus | 10.0_s390x:_s390x |
| redhat | enterprise_linux_for_power_little_endian_eus | 10.0_ppc64le:_ppc64le |
| redhat | enterprise_linux_for_x86_64_eus | 10.0 |
| redhat | enterprise_linux_server_for_power_little_endian | 10.0_ppc64le:_ppc64le |
| redhat | codeready_linux_builder_for_arm64 | 9.6 |
| redhat | codeready_linux_builder_for_ibm_z_systems | 9.6_s390x:_s390x |
| redhat | codeready_linux_builder_for_power_little_endian | 9.6_ppc64le:_ppc64le |
| redhat | codeready_linux_builder_for_x86_64 | 9.6 |
| redhat | enterprise_linux_for_arm_64 | 9.6 |
| redhat | enterprise_linux_for_ibm_z_systems | 9.6_s390x:_s390x |
| redhat | enterprise_linux_for_power_little_endian | 9.6_ppc64le:_ppc64le |
| redhat | enterprise_linux_for_power_little_endian_eus | 9.6_ppc64le:_ppc64le |
| redhat | enterprise_linux_for_x86_64 | 9.6 |
| redhat | enterprise_linux_for_x86_64_eus | 9.6 |
| redhat | enterprise_linux_server_aus | 9.6 |
| redhat | enterprise_linux_server_for_power_little_endian | 9.6_ppc64le:_ppc64le |
| redhat | enterprise_linux_for_x86_64 | 8.6 |
| redhat | enterprise_linux_for_x86_64_eus | 8.6 |
| redhat | enterprise_linux_server_aus | 8.6 |
| redhat | enterprise_linux_server_for_power_little_endian | 8.6_ppc64le:_ppc64le |
| redhat | enterprise_linux_server_tus | 8.6 |
| redhat | enterprise_linux_for_x86_64 | 8.8 |
| redhat | enterprise_linux_for_x86_64_eus | 8.8 |
| redhat | enterprise_linux_server_for_power_little_endian | 8.8_ppc64le:_ppc64le |
| redhat | enterprise_linux_server_tus | 8.8 |
| redhat | enterprise_linux_for_x86_64_eus | 8.4 |
| redhat | enterprise_linux_server_aus | 8.4 |
| redhat | enterprise_linux_server_aus | 8.2 |
| redhat | ceph_storage | 8.0 |
| redhat | discovery | 2.0 |
| gnome | glib | x < 2.86.3 |
| redhat | openshift_container_platform | 4.12 |
| redhat | openshift_container_platform | 4.16 |
| redhat | openshift_container_platform | 4.17 |
| redhat | openshift_container_platform | 4.18 |
| redhat | openshift_container_platform | 4.19 |
| redhat | openshift_container_platform_for_arm64 | 4.12 |
| redhat | openshift_container_platform_for_arm64 | 4.16 |
| redhat | openshift_container_platform_for_arm64 | 4.17 |
| redhat | openshift_container_platform_for_arm64 | 4.18 |
| redhat | openshift_container_platform_for_arm64 | 4.19 |
| redhat | openshift_container_platform_for_ibm_z | 4.12 |
| redhat | openshift_container_platform_for_ibm_z | 4.16 |
| redhat | openshift_container_platform_for_ibm_z | 4.17 |
| redhat | openshift_container_platform_for_ibm_z | 4.18 |
| redhat | openshift_container_platform_for_ibm_z | 4.19 |
| redhat | openshift_container_platform_for_linuxone | 4.12 |
| redhat | openshift_container_platform_for_linuxone | 4.16 |
| redhat | openshift_container_platform_for_linuxone | 4.17 |
| redhat | openshift_container_platform_for_linuxone | 4.18 |
| redhat | openshift_container_platform_for_linuxone | 4.19 |
| redhat | openshift_container_platform_for_power | 4.12 |
| redhat | openshift_container_platform_for_power | 4.16 |
| redhat | openshift_container_platform_for_power | 4.17 |
| redhat | openshift_container_platform_for_power | 4.18 |
| redhat | openshift_container_platform_for_power | 4.19 |

x = vulnerable software versions
Ubuntu Releases

| Ubuntu Product | Codename | Status |
|---|---|---|
| glib2.0 | bionic | Fixed 2.56.4-0ubuntu0.18.04.9+esm5 (released) |
| glib2.0 | focal | Fixed 2.64.6-1~ubuntu20.04.9+esm1 (released) |
| glib2.0 | jammy | Fixed 2.72.4-0ubuntu2.7 (released) |
| glib2.0 | noble | Fixed 2.80.0-6ubuntu3.6 (released) |
| glib2.0 | plucky | Fixed 2.84.1-1ubuntu0.2 (released) |
| glib2.0 | questing | Fixed 2.86.0-2ubuntu0.1 (released) |
| glib2.0 | trusty | Fixed 2.40.2-0ubuntu1.1+esm7 (released) |
| glib2.0 | xenial | Fixed 2.48.2-0ubuntu4.8+esm5 (released) |