Noticeinfo

⚠️ This issue was flagged as a false-positive. Please consult the sources mentioned and consider not using this entry at all. The code maintainer explains that "[the] call is invalid [as] the buffer pointed to by "data" must have "len" valid bytes." The documentation was fixed to make that clear.

Productinfo

Vendor

• GNOME

Name

• libgsf

Version

• 1.14.0
• 1.14.1
• 1.14.2
• 1.14.3
• 1.14.4
• 1.14.5
• 1.14.6
• 1.14.7
• 1.14.8
• 1.14.9
• 1.14.10
• 1.14.11
• 1.14.12
• 1.14.13
• 1.14.14
• 1.14.15
• 1.14.16
• 1.14.17
• 1.14.18
• 1.14.19
• 1.14.20
• 1.14.21
• 1.14.22
• 1.14.23
• 1.14.24
• 1.14.25
• 1.14.26
• 1.14.27
• 1.14.28
• 1.14.29
• 1.14.30
• 1.14.31
• 1.14.32
• 1.14.33
• 1.14.34
• 1.14.35
• 1.14.36
• 1.14.37
• 1.14.38
• 1.14.39
• 1.14.40
• 1.14.41
• 1.14.42
• 1.14.43
• 1.14.44
• 1.14.45
• 1.14.46
• 1.14.47
• 1.14.48
• 1.14.49
• 1.14.50
• 1.14.51
• 1.14.52
• 1.14.53

License

• open-source

Website

• Vendor: https://www.gnome.org/

Timelineinfo

03/24/2025 🔍
03/24/2025 +0 days 🔍
04/22/2025 +29 days 🔍

Sourcesinfo

Vendor: gnome.org

False Positive: Yes

CVE: CVE-2025-2721 (🔍)
GCVE (CVE): GCVE-0-2025-2721
GCVE (VulDB): GCVE-100-300741

Entryinfo

Created: 03/24/2025 13:51
Updated: 04/22/2025 14:30
Changes: 03/24/2025 13:51 (52), 03/25/2025 09:29 (29), 04/22/2025 14:30 (2)
Complete: 🔍
Submitter: ninpwn
Cache ID: 216:4F5:103

Submitinfo

Accepted

• Submit #520181: Open Source libgsf <=1.14.53 Integer Overflow -> Heap Overflow (gsf_base64_encode_simple) (by ninpwn)

Discussion

Do you need the next level of professionalism?

Upgrade your account now!