PT-2025-12683 · Gnome · Gnome Libgsf

Published

2025-03-24

Updated

2025-03-25

CVE-2025-2720

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions GNOME libgsf versions up to 1.14.53

Description A vulnerability was found in the function gsf base64 encode simple. The manipulation of the argument size leads to the use of an uninitialized variable. The attack needs to be approached locally.

Recommendations For versions up to 1.14.53, as a temporary workaround, consider restricting the use of the gsf base64 encode simple function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-457CWE-453

Related Identifiers

BDU:2025-07132

CVE-2025-2720

Affected Products

Gnome Libgsf

PT-2025-12683 · Gnome · Gnome Libgsf

CVE-2025-2720

Weakness Enumeration

Related Identifiers

Affected Products

References · 16