Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:glibc:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductGlibc (56c42947-b632-5d54-ba17-54c65ef1589b)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-6780 not_vulnerable 2026-06-08 06:21:55.811354 Glibc: integer overflow in __vsyslog_internal()
MEDIUM (5.3)
An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer.
Published: 2024-01-31T14:08:02.610Z
Updated: 2026-05-12T10:41:09.437Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-6779 not_vulnerable 2026-06-08 06:21:55.807991 Glibc: off-by-one heap-based buffer overflow in __vsyslog_internal()
HIGH (8.2)
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an application crash. This issue affects glibc 2.37 and newer.
Published: 2024-01-31T14:07:41.967Z
Updated: 2026-05-12T10:41:08.261Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-6246 not_vulnerable 2026-06-08 06:19:46.748489 Glibc: heap-based buffer overflow in __vsyslog_internal()
HIGH (8.4)
A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer.
Published: 2024-01-31T14:06:21.949Z
Updated: 2026-05-12T10:41:06.882Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-3999 vulnerable 2026-06-08 05:35:16.565099 Details available
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.
Published: 2022-08-24T00:00:00.000Z
Updated: 2025-12-02T20:54:34.966Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-3998 vulnerable 2026-06-08 05:35:16.554415 Details available
A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.
Published: 2022-08-24T00:00:00.000Z
Updated: 2025-06-09T15:00:17.349Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.