{"id":"JLSEC-2025-157","summary":"An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3","details":"An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption.","modified":"2025-11-06T23:02:48.379114Z","published":"2025-10-19T22:31:43.957Z","upstream":["CVE-2021-27219"],"database_specific":{"license":"CC-BY-4.0","sources":[{"imported":"2025-10-19T21:13:23.542Z","modified":"2024-11-21T05:57:37.410Z","id":"CVE-2021-27219","url":"https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2021-27219","html_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-27219","published":"2021-02-15T17:15:13.137Z"}]},"references":[{"type":"WEB","url":"https://gitlab.gnome.org/GNOME/glib/-/issues/2319"},{"type":"WEB","url":"https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00006.html"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2REA7RVKN7ZHRLJOEGBRQKJIPZQPAELZ/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JJMPNDO4GDVURYQFYKFOWY5HAF4FTEPN/"},{"type":"WEB","url":"https://security.gentoo.org/glsa/202107-13"},{"type":"WEB","url":"https://security.netapp.com/advisory/ntap-20210319-0004/"}],"affected":[{"package":{"name":"Glib_jll","ecosystem":"Julia","purl":"pkg:julia/Glib_jll?uuid=7746bdde-850d-59dc-9ae8-88ece973131d"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"2.68.1+0"}]}],"database_specific":{"source":"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2025/JLSEC-2025-157.json"}}],"schema_version":"1.7.3"}