{"id":"JLSEC-2025-155","summary":"GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in g_op...","details":"GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in g_option_group_add_entries. NOTE: the vendor's position is \"Realistically this is not a security issue. The standard pattern is for callers to provide a static list of option entries in a fixed number of calls to g_option_group_add_entries().\" The researcher states that this pattern is undocumented","modified":"2025-11-06T23:02:41.767468Z","published":"2025-10-19T22:31:43.957Z","upstream":["CVE-2020-35457"],"database_specific":{"license":"CC-BY-4.0","sources":[{"html_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-35457","id":"CVE-2020-35457","url":"https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-35457","published":"2020-12-14T23:15:12.173Z","modified":"2024-11-21T05:27:19.393Z","imported":"2025-10-19T21:13:23.537Z"}]},"references":[{"type":"WEB","url":"https://gitlab.gnome.org/GNOME/glib/-/commit/63c5b62f0a984fac9a9700b12f54fe878e016a5d"},{"type":"WEB","url":"https://gitlab.gnome.org/GNOME/glib/-/issues/2197"},{"type":"WEB","url":"https://gitlab.gnome.org/GNOME/glib/-/releases/2.65.3"}],"affected":[{"package":{"name":"Glib_jll","ecosystem":"Julia","purl":"pkg:julia/Glib_jll?uuid=7746bdde-850d-59dc-9ae8-88ece973131d"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"2.68.1+0"}]}],"database_specific":{"source":"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2025/JLSEC-2025-155.json"}}],"schema_version":"1.7.3"}