Home

Description

A flaw was found in GLib. A denial of service on Windows platforms may occur if an application attempts to spawn a program using long command lines.

PUBLISHED Reserved 2025-04-29 | Published 2025-07-28 | Updated 2026-01-08 | Assigner redhat




HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Problem types

Improper Control of Generation of Code ('Code Injection')

Product status

Default status
unaffected

Any version before 2.84.1
affected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Timeline

2025-04-29:Reported to Red Hat.
2025-04-29:Made public.

References

access.redhat.com/security/cve/CVE-2025-4056 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2362826 (RHBZ#2362826) issue-tracking

gitlab.gnome.org/GNOME/glib/-/issues/3668

cve.org (CVE-2025-4056)

nvd.nist.gov (CVE-2025-4056)

Download JSON