CVE-2025-13601

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-13601
A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.

7.7 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://access.redhat.com/errata/RHSA-2026:0936 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:0975 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:0991 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1323 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1324 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1326 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1327 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1465 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1608 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1624 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1625 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1626 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1627 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1652 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1736 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2064 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2072 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2485 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2563 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2633 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2659 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2671 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2974
https://access.redhat.com/errata/RHSA-2026:3415
https://access.redhat.com/errata/RHSA-2026:4419
https://access.redhat.com/security/cve/CVE-2025-13601 Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2416741 Issue Tracking Vendor Advisory
https://gitlab.gnome.org/GNOME/glib/-/issues/3827 Exploit Issue Tracking
https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914 Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:codeready_linux_builder:9.0:*:*:*:*:*:aarch64:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64:9.0:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:10.0:*:*:*:*:*:aarch64:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:10.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:10.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64:10.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:10.0:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:10.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:10.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64:10.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:8.0:*:*:*:*:*:aarch64:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64:8.0:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.2:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.4:*:*:*:*:*:aarch64:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.4:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*

Configuration 6 (hide)

OR cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:10.0:*:*:*:*:*:aarch64:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:10.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:10.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64_eus:10.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:10.0:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:10.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:10.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:10.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian:10.0_ppc64le:*:*:*:*:*:*:*

Configuration 7 (hide)

OR cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.6:*:*:*:*:*:aarch64:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.6_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64:9.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.6:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.6_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64:9.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:9.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian:9.6_ppc64le:*:*:*:*:*:*:*

Configuration 8 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_for_x86_64:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian:8.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*

Configuration 9 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_for_x86_64:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian:8.8_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*

Configuration 10 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*

Configuration 11 (hide)

cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*

Configuration 12 (hide)

OR cpe:2.3:a:redhat:ceph_storage:8.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:discovery:2.0:*:*:*:*:*:*:*

Configuration 13 (hide)

cpe:2.3:a:gnome:glib:*:*:*:*:*:*:*:*

Configuration 14 (hide)

OR cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.17:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.18:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.19:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.17:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.18:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.19:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.17:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.18:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.19:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.17:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.18:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.19:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.17:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.18:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.19:*:*:*:*:*:*:*
History

No history.

Information

Published : 2025-11-26 15:15

Updated : 2026-03-19 06:16

NVD link : CVE-2025-13601

Mitre link : CVE-2025-13601

CVE.ORG link : CVE-2025-13601

JSON object : View

Products Affected

redhat

  • enterprise_linux_for_power_little_endian
  • codeready_linux_builder_for_power_little_endian_eus
  • enterprise_linux_server_for_power_little_endian_eus
  • codeready_linux_builder_for_ibm_z_systems
  • enterprise_linux_for_ibm_z_systems
  • codeready_linux_builder_for_arm64_eus
  • codeready_linux_builder_for_power_little_endian
  • openshift_container_platform_for_linuxone
  • openshift_container_platform
  • codeready_linux_builder_for_arm64
  • enterprise_linux_for_x86_64
  • enterprise_linux_server_aus
  • enterprise_linux_for_x86_64_eus
  • openshift_container_platform_for_ibm_z
  • codeready_linux_builder_for_x86_64
  • openshift_container_platform_for_arm64
  • codeready_linux_builder_for_ibm_z_systems_eus
  • codeready_linux_builder
  • openshift_container_platform_for_power
  • enterprise_linux_for_power_little_endian_eus
  • enterprise_linux_server_tus
  • enterprise_linux_for_arm_64
  • discovery
  • ceph_storage
  • enterprise_linux_server_for_power_little_endian
  • enterprise_linux_for_ibm_z_systems_eus
  • enterprise_linux_for_arm_64_eus
  • codeready_linux_builder_for_x86_64_eus

gnome

  • glib
CWE
CWE-190

Integer Overflow or Wraparound