gnome

357 tracked vulnerabilities.

CVE-2026-2443 MEDIUM
Red Hat Enterprise Linux - Out-of-bounds Read via HTTP Range Header Processing
Feb 13, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-1801 MEDIUM
libsoup - HTTP Request Smuggling Information Disclosure
Feb 03, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-1539 MEDIUM
libsoup - Proxy-Authorization Header Credential Disclosure
Jan 28, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-1536 MEDIUM
Libsoup - HTTP Header Injection
Jan 28, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-1467 MEDIUM
Libsoup - CRLF Injection
Jan 27, 2026
CVSS 5.8
EPSS 0.00
CVE-2025-14512 MEDIUM
glib < 2.86.3 - Heap Buffer Overflow and Denial of Service via GIO escape_byte_string() Integer Overflow
Dec 11, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-14087 MEDIUM
GLib < 2.86.3 - Heap Corruption via GVariant Parser Buffer Underflow
Dec 10, 2025
CVSS 5.6
EPSS 0.01
CVE-2025-13601 HIGH
Red Hat CodeReady Linux Builder - Heap-Based Buffer Overflow via g_escape_uri_string()
Nov 26, 2025
CVSS 7.7
EPSS 0.00
CVE-2025-12105 HIGH
libsoup < 3.6.5 - Use-After-Free in Asynchronous Message Queue Handling
Oct 23, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-4056 HIGH
GLib < 2.84.1 - Denial of Service via Long Command Line Spawning
Jul 28, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-7425 HIGH
libxml2 < 2.15.2 - Use-After-Free in XSLT Key Function Tree Fragment Handling
Jul 10, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-7424 HIGH
libxslt - Type Confusion via psvi Memory Field Reuse
Jul 10, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-6199 LOW
GdkPixbuf - Exposure of Sensitive Information via GIF LZW Decoder Logic Error
Jun 17, 2025
CVSS 3.3
EPSS 0.00
CVE-2025-6196 MEDIUM
libgepub - Denial of Service via Malicious EPUB File Size Calculation
Jun 17, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-49795 HIGH
libxml2 - Denial of Service
Jun 16, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-6052 LOW
GLib 2.75.3-2.84.2 - Integer Overflow in GString Memory Management
Jun 13, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-3155 HIGH
Yelp - Arbitrary Script Execution via Help Document
Apr 03, 2025
CVSS 7.4
EPSS 0.13
CVE-2025-2784 HIGH
libsoup < 3.6.5 - Heap Buffer Over-Read via skip_insight_whitespace()
Apr 03, 2025
CVSS 7.0
EPSS 0.01
CVE-2024-52533 CRITICAL
GNOME GLib < 2.82.1 - Buffer Overflow in SOCKS4 Proxy Connection Message Handling
Nov 11, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-52532 HIGH
GNOME libsoup < 3.6.1 - Denial of Service via WebSocket Data Parsing
Nov 11, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-52531 MEDIUM
GNOME libsoup < 3.6.1 - Out-of-bounds Write via soup_header_parse_param_list_strict
Nov 11, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-52530 HIGH
GNOME libsoup < 3.6.0 - HTTP Request Smuggling via Null Byte in Header Names
Nov 11, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-42415 HIGH
GNOME Project G Structured File Library <1.14.52 - RCE
Oct 03, 2024
CVSS 8.4
EPSS 0.00
CVE-2024-36474 HIGH
GNOME Project G Structured File Library <1.14.52 - RCE
Oct 03, 2024
CVSS 8.4
EPSS 0.00
CVE-2024-34397 MEDIUM
GNOME GLib <2.78.5, 2.79.x, 2.80.x - Info Disclosure
May 07, 2024
CVSS 5.2
EPSS 0.01