{"id":"CVE-2005-3590","details":"The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing attackers to corrupt memory.","modified":"2026-04-10T03:38:14.375835Z","published":"2019-04-10T20:29:00Z","references":[{"type":"ADVISORY","url":"https://sourceware.org/bugzilla/show_bug.cgi?id=661"},{"type":"FIX","url":"https://sourceware.org/bugzilla/show_bug.cgi?id=661"},{"type":"REPORT","url":"https://sourceware.org/bugzilla/show_bug.cgi?id=661"},{"type":"WEB","url":"http://www.securityfocus.com/bid/107871"},{"type":"WEB","url":"https://support.f5.com/csp/article/K12740406"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}