CVE-2025-13601

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-13601
A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.

7.7 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://access.redhat.com/errata/RHSA-2026:0936 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:0975 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:0991 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1323 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1324 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1326 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1327 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1465 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1608 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1624 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1625 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1626 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1627 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1652 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1736 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:18344
https://access.redhat.com/errata/RHSA-2026:18705
https://access.redhat.com/errata/RHSA-2026:2064 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2072 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2485 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2563 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2633 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2659 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2671 Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2974
https://access.redhat.com/errata/RHSA-2026:3415
https://access.redhat.com/errata/RHSA-2026:4419
https://access.redhat.com/errata/RHSA-2026:7461
https://access.redhat.com/security/cve/CVE-2025-13601 Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2416741 Issue Tracking Vendor Advisory
https://gitlab.gnome.org/GNOME/glib/-/issues/3827 Exploit Issue Tracking
https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914 Third Party Advisory
https://cert-portal.siemens.com/productcert/html/ssa-253495.html
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:codeready_linux_builder:9.0:*:*:*:*:*:aarch64:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64:9.0:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:10.0:*:*:*:*:*:aarch64:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:10.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:10.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64:10.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:10.0:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:10.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:10.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64:10.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:8.0:*:*:*:*:*:aarch64:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64:8.0:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.2:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.4:*:*:*:*:*:aarch64:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.4:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*

Configuration 6 (hide)

OR cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:10.0:*:*:*:*:*:aarch64:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:10.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:10.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64_eus:10.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:10.0:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:10.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:10.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:10.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian:10.0_ppc64le:*:*:*:*:*:*:*

Configuration 7 (hide)

OR cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.6:*:*:*:*:*:aarch64:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.6_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64:9.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.6:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.6_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64:9.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:9.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian:9.6_ppc64le:*:*:*:*:*:*:*

Configuration 8 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_for_x86_64:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian:8.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*

Configuration 9 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_for_x86_64:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian:8.8_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*

Configuration 10 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*

Configuration 11 (hide)

cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*

Configuration 12 (hide)

OR cpe:2.3:a:redhat:ceph_storage:8.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:discovery:2.0:*:*:*:*:*:*:*

Configuration 13 (hide)

cpe:2.3:a:gnome:glib:*:*:*:*:*:*:*:*

Configuration 14 (hide)

OR cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.17:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.18:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.19:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.17:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.18:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.19:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.17:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.18:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.19:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.17:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.18:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.19:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.17:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.18:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.19:*:*:*:*:*:*:*
History

02 Jun 2026, 14:16

Type Values Removed Values Added
References
  • () https://cert-portal.siemens.com/productcert/html/ssa-253495.html -

19 May 2026, 16:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:18705 -

19 May 2026, 09:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:18344 -

19 Apr 2026, 20:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:7461 -

19 Mar 2026, 06:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:4419 -

05 Mar 2026, 12:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:3415 -

26 Feb 2026, 16:23

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:2974 -

24 Feb 2026, 21:44

Type Values Removed Values Added
First Time Redhat openshift Container Platform For Ibm Z
Redhat openshift Container Platform For Linuxone
Redhat openshift Container Platform
Redhat openshift Container Platform For Arm64
Redhat openshift Container Platform For Power
CPE cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.18:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.19:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.19:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.17:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.18:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.18:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.17:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.17:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.18:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.19:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.19:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.17:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.19:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.18:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.17:*:*:*:*:*:*:*
References () https://access.redhat.com/errata/RHSA-2026:2064 - () https://access.redhat.com/errata/RHSA-2026:2064 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2026:2072 - () https://access.redhat.com/errata/RHSA-2026:2072 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2026:2485 - () https://access.redhat.com/errata/RHSA-2026:2485 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2026:2563 - () https://access.redhat.com/errata/RHSA-2026:2563 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2026:2633 - () https://access.redhat.com/errata/RHSA-2026:2633 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2026:2659 - () https://access.redhat.com/errata/RHSA-2026:2659 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2026:2671 - () https://access.redhat.com/errata/RHSA-2026:2671 - Vendor Advisory

19 Feb 2026, 07:17

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:2633 -
  • () https://access.redhat.com/errata/RHSA-2026:2671 -

18 Feb 2026, 20:18

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:2659 -

13 Feb 2026, 17:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:2064 -

11 Feb 2026, 15:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:2563 -

11 Feb 2026, 05:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:2072 -

10 Feb 2026, 21:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:2485 -

06 Feb 2026, 19:19

Type Values Removed Values Added
First Time Gnome
Gnome glib
CPE cpe:2.3:a:gnome:glib:*:*:*:*:*:*:*:*

06 Feb 2026, 19:10

Type Values Removed Values Added
References () https://access.redhat.com/errata/RHSA-2026:0936 - () https://access.redhat.com/errata/RHSA-2026:0936 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2026:0975 - () https://access.redhat.com/errata/RHSA-2026:0975 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2026:0991 - () https://access.redhat.com/errata/RHSA-2026:0991 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2026:1323 - () https://access.redhat.com/errata/RHSA-2026:1323 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2026:1324 - () https://access.redhat.com/errata/RHSA-2026:1324 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2026:1326 - () https://access.redhat.com/errata/RHSA-2026:1326 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2026:1327 - () https://access.redhat.com/errata/RHSA-2026:1327 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2026:1465 - () https://access.redhat.com/errata/RHSA-2026:1465 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2026:1608 - () https://access.redhat.com/errata/RHSA-2026:1608 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2026:1624 - () https://access.redhat.com/errata/RHSA-2026:1624 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2026:1625 - () https://access.redhat.com/errata/RHSA-2026:1625 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2026:1626 - () https://access.redhat.com/errata/RHSA-2026:1626 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2026:1627 - () https://access.redhat.com/errata/RHSA-2026:1627 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2026:1652 - () https://access.redhat.com/errata/RHSA-2026:1652 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2026:1736 - () https://access.redhat.com/errata/RHSA-2026:1736 - Vendor Advisory
References () https://access.redhat.com/security/cve/CVE-2025-13601 - () https://access.redhat.com/security/cve/CVE-2025-13601 - Vendor Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2416741 - () https://bugzilla.redhat.com/show_bug.cgi?id=2416741 - Issue Tracking, Vendor Advisory
References () https://gitlab.gnome.org/GNOME/glib/-/issues/3827 - () https://gitlab.gnome.org/GNOME/glib/-/issues/3827 - Exploit, Issue Tracking
References () https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914 - () https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914 - Third Party Advisory
First Time Redhat codeready Linux Builder For Arm64 Eus
Redhat ceph Storage
Redhat enterprise Linux For Arm 64
Redhat codeready Linux Builder For Arm64
Redhat enterprise Linux For Ibm Z Systems Eus
Redhat enterprise Linux For X86 64
Redhat codeready Linux Builder For Power Little Endian
Redhat codeready Linux Builder For Ibm Z Systems
Redhat codeready Linux Builder For X86 64
Redhat discovery
Redhat enterprise Linux Server For Power Little Endian
Redhat codeready Linux Builder For Power Little Endian Eus
Redhat enterprise Linux For Arm 64 Eus
Redhat codeready Linux Builder
Redhat enterprise Linux Server Tus
Redhat enterprise Linux Server For Power Little Endian Eus
Redhat enterprise Linux For X86 64 Eus
Redhat
Redhat enterprise Linux For Power Little Endian Eus
Redhat codeready Linux Builder For X86 64 Eus
Redhat enterprise Linux For Power Little Endian
Redhat enterprise Linux For Ibm Z Systems
Redhat codeready Linux Builder For Ibm Z Systems Eus
Redhat enterprise Linux Server Aus
CPE cpe:2.3:o:redhat:enterprise_linux_for_x86_64:10.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64_eus:10.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:10.0:*:*:*:*:*:aarch64:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:10.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:10.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian:8.8_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64:8.8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.6:*:*:*:*:*:aarch64:*
cpe:2.3:a:redhat:codeready_linux_builder:9.0:*:*:*:*:*:aarch64:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:10.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:10.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64:9.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:10.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:10.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:10.0:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:8.0:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian:8.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:9.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.4:*:*:*:*:*:aarch64:*
cpe:2.3:a:redhat:ceph_storage:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.6_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:discovery:2.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian:10.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian:9.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:10.0:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64:9.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:10.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.2:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:8.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64:9.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64:8.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:10.0:*:*:*:*:*:aarch64:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.6:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64:8.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:10.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.4:*:*:*:*:*:aarch64:*
cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64:10.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:10.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0:*:*:*:*:*:aarch64:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_x86_64:9.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.6_s390x:*:*:*:*:*:*:*

02 Feb 2026, 23:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:1736 -

02 Feb 2026, 10:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:1652 -

02 Feb 2026, 04:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:1624 -
  • () https://access.redhat.com/errata/RHSA-2026:1626 -

02 Feb 2026, 02:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:1608 -
  • () https://access.redhat.com/errata/RHSA-2026:1625 -
  • () https://access.redhat.com/errata/RHSA-2026:1627 -

28 Jan 2026, 07:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:1465 -

27 Jan 2026, 10:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:1324 -
  • () https://access.redhat.com/errata/RHSA-2026:1326 -

27 Jan 2026, 08:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:1323 -
  • () https://access.redhat.com/errata/RHSA-2026:1327 -

22 Jan 2026, 17:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:0991 -

22 Jan 2026, 10:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:0975 -

21 Jan 2026, 23:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:0936 -

26 Nov 2025, 15:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-11-26 15:15

Updated : 2026-06-02 14:16

NVD link : CVE-2025-13601

Mitre link : CVE-2025-13601

CVE.ORG link : CVE-2025-13601

JSON object : View

Products Affected

redhat

  • codeready_linux_builder_for_ibm_z_systems_eus
  • codeready_linux_builder_for_x86_64_eus
  • openshift_container_platform_for_arm64
  • openshift_container_platform_for_power
  • enterprise_linux_for_ibm_z_systems
  • enterprise_linux_server_tus
  • enterprise_linux_server_for_power_little_endian
  • ceph_storage
  • codeready_linux_builder
  • enterprise_linux_for_ibm_z_systems_eus
  • openshift_container_platform
  • codeready_linux_builder_for_power_little_endian
  • codeready_linux_builder_for_x86_64
  • openshift_container_platform_for_ibm_z
  • enterprise_linux_for_arm_64_eus
  • codeready_linux_builder_for_power_little_endian_eus
  • enterprise_linux_for_x86_64_eus
  • discovery
  • enterprise_linux_for_power_little_endian
  • codeready_linux_builder_for_arm64
  • codeready_linux_builder_for_arm64_eus
  • enterprise_linux_for_arm_64
  • enterprise_linux_server_aus
  • enterprise_linux_for_x86_64
  • openshift_container_platform_for_linuxone
  • codeready_linux_builder_for_ibm_z_systems
  • enterprise_linux_server_for_power_little_endian_eus
  • enterprise_linux_for_power_little_endian_eus

gnome

  • glib
CWE
CWE-190

Integer Overflow or Wraparound