Noticeinfo

⚠️ Further analysis revealed that this issues is a false-positive. Please take a look at the sources mentioned and consider not using this entry at all. The code maintainer explains that "[the] call is invalid [as] the buffer pointed to by "data" must have "len" valid bytes." The documentation was fixed to make that clear. If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Productinfo

Vendor

• GNOME

Name

• libgsf

Version

• 1.14.0
• 1.14.1
• 1.14.2
• 1.14.3
• 1.14.4
• 1.14.5
• 1.14.6
• 1.14.7
• 1.14.8
• 1.14.9
• 1.14.10
• 1.14.11
• 1.14.12
• 1.14.13
• 1.14.14
• 1.14.15
• 1.14.16
• 1.14.17
• 1.14.18
• 1.14.19
• 1.14.20
• 1.14.21
• 1.14.22
• 1.14.23
• 1.14.24
• 1.14.25
• 1.14.26
• 1.14.27
• 1.14.28
• 1.14.29
• 1.14.30
• 1.14.31
• 1.14.32
• 1.14.33
• 1.14.34
• 1.14.35
• 1.14.36
• 1.14.37
• 1.14.38
• 1.14.39
• 1.14.40
• 1.14.41
• 1.14.42
• 1.14.43
• 1.14.44
• 1.14.45
• 1.14.46
• 1.14.47
• 1.14.48
• 1.14.49
• 1.14.50
• 1.14.51
• 1.14.52
• 1.14.53

License

• open-source

Website

• Vendor: https://www.gnome.org/

Timelineinfo

03/24/2025 Advisory disclosed
03/24/2025 +0 days VulDB entry created
04/22/2025 +29 days VulDB entry last update

Sourcesinfo

Vendor: gnome.org

False Positive: Yes

CVE: CVE-2025-2723 (🔒)
GCVE (CVE): GCVE-0-2025-2723
GCVE (VulDB): GCVE-100-300743

Entryinfo

Created: 03/24/2025 01:51 PM
Updated: 04/22/2025 02:30 PM
Changes: 03/24/2025 01:51 PM (52), 03/25/2025 09:29 AM (29), 04/22/2025 02:30 PM (2)
Complete: 🔍
Submitter: ninpwn
Cache ID: 244:EB4:40

Submitinfo

Accepted

• Submit #520183: Open Source libgsf <=1.14.53 Integer Overflow -> Heap Overflow (gsf_property_settings_collec) (by ninpwn)

Discussion

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!