CVE Catalog

CVE-2025-60019

LowCVSS 3.7
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.33%

25th percentile — higher than 25% of all known CVEs

Summary

The OpenSSL backend in glib-networking fails to properly check the return values of memory allocation routines. An out-of-memory condition could potentially result in writing to an invalid memory location.

Risk Assessment

The risk involves possible memory corruption, which could lead to application crashes or potential arbitrary code execution by an attacker.

Recommendation

It is recommended to update glib-networking to the latest version that includes a fix for checking return values of memory allocations.

Original NVD description (English source)

glib-networking's OpenSSL backend fails to properly check the return value of memory allocation routines. An out of memory condition could potentially result in writing to an invalid memory location.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS