PT-2025-48138 · Glib+4

Published: 2025-10-14 · Updated: 2026-05-19 · CVE-2025-13601

CVSS v3.1: 7.7 (High)

Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions: glib (affected versions not specified)

Description: A heap-based buffer overflow issue exists in glib due to an incorrect buffer size calculation within the g_escape_uri_string() function. When processing a string containing a substantial number of characters requiring escaping, the calculation of the escaped string's length can overflow, potentially causing a write beyond the allocated memory boundaries.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Integer Overflow

Weakness Enumeration

Related Identifiers

ALSA-2026:0936
ALSA-2026:0975
ALSA-2026:0991
ALSA-2026:18344
ALSA-2026:18705
AZL-71095
AZL-71120
BDU:2026-02745
CVE-2025-13601
DLA-4412-1
ECHO-5ABC-0C11-05F1
JLSEC-2026-487
MGASA-2026-0023
OPENSUSE-SU-2025:15810-1
OPENSUSE-SU-2026:20018-1
RHSA-2026:0936
RHSA-2026:0975
RHSA-2026:0991
RHSA-2026:1323
RHSA-2026:1324
RHSA-2026:1326
RHSA-2026:1327
RHSA-2026:1465
RHSA-2026:1608
RHSA-2026:1624
RHSA-2026:1625
RHSA-2026:1626
RHSA-2026:1627
RHSA-2026:18344
RHSA-2026:18705
RHSA-2026:7461
SUSE-SU-2025:4441-1
SUSE-SU-2025:4442-1
SUSE-SU-2025:4504-1
SUSE-SU-2026:0018-1
SUSE-SU-2026:20032-1
SUSE-SU-2026:20045-1
SUSE-SU-2026:20074-1
SUSE-SU-2026:20493-1
USN-7942-1
USN-7942-2

Affected Products

Debian
Linuxmint
Rocky Linux
Ubuntu
Glib