Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2025-8037 | A vulnerability was found in GNOME libgsf up to 1.14.53. It has been classified as critical. This affects the function gsf_base64_encode_simple. The manipulation of the argument size_t leads to heap-based buffer overflow. An attack has to be approached locally. The vendor was contacted early about this disclosure but did not respond in any way. |
No reference.
Tue, 22 Apr 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-119 CWE-122 |
|
| References |
|
|
| Metrics |
cvssV2_0
|
Tue, 22 Apr 2025 13:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | GNOME libgsf gsf_base64_encode_simple heap-based overflow | |
| Metrics |
ssvc
|
Tue, 22 Apr 2025 12:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was found in GNOME libgsf up to 1.14.53. It has been classified as critical. This affects the function gsf_base64_encode_simple. The manipulation of the argument size_t leads to heap-based buffer overflow. An attack has to be approached locally. The vendor was contacted early about this disclosure but did not respond in any way. | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The code maintainer explains that "[the] call is invalid [as] the buffer pointed to by "data" must have "len" valid bytes." The documentation was fixed to make that clear. |
| Metrics |
cvssV3_0
|
cvssV4_0
|
Tue, 25 Mar 2025 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 25 Mar 2025 00:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was found in GNOME libgsf up to 1.14.53. It has been classified as critical. This affects the function gsf_base64_encode_simple. The manipulation of the argument size_t leads to heap-based buffer overflow. An attack has to be approached locally. The vendor was contacted early about this disclosure but did not respond in any way. | |
| Title | GNOME libgsf gsf_base64_encode_simple heap-based overflow | |
| Weaknesses | CWE-119 CWE-122 |
|
| References |
| |
| Metrics |
cvssV2_0
|
Subscriptions
No data.
Status: REJECTED
Assigner: VulDB
Published:
Updated: 2025-04-22T12:25:20.242Z
Reserved: 2025-03-24T12:46:21.132Z
Link: CVE-2025-2721
Updated:
Status : Rejected
Published: 2025-03-25T00:15:15.693
Modified: 2025-04-22T13:15:42.990
Link: CVE-2025-2721
No data.
OpenCVE Enrichment
No data.
No weakness.
EUVD