CVE-2025-3360 — Integer Overflow or Wraparound in Azl3 Glib 2.78.6-2 ON Azure Linux 3.0

CWE-190 — Integer Overflow or Wraparound10 documents7 sources

Severity

3.7LOWNVD

OSV7.7

EPSS

0.4%

top 39.75%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Glib2.0 Msrc Azl3 Glib 2.78.6-2 ON Azure Linux 3.0 Msrc Cbl2 Glib 2.71.0-5 ON CBL Mariner 2.0 +1 more

Timeline

PublishedApr 7

Latest updateFeb 10

Description

A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 2.2 | Impact: 1.4

Affected Packages4 packages

▶debiandebian/glib2.0< glib2.0 2.74.6-2+deb12u6 (bookworm)

▶msrcmsrc/cm2_glib_2.71.0-5_on_cbl_mariner_2.0

▶msrcmsrc/azl3_glib_2.78.6-2_on_azure_linux_3.0

▶msrcmsrc/cbl2_glib_2.71.0-5_on_cbl_mariner_2.0

🔴Vulnerability Details

OSV

glib2.0 vulnerabilities↗2026-02-10

▶

OSV

glib2.0 vulnerabilities↗2026-01-06

▶

OSV

CVE-2025-3360: A flaw was found in GLib↗2025-04-07

▶

GHSA

GHSA-3435-f6h9-64p7: A flaw was found in GLib↗2025-04-07

▶

📋Vendor Advisories

Ubuntu

GLib vulnerabilities↗2026-02-10

▶

Ubuntu

GLib vulnerabilities↗2026-01-06

▶

Microsoft

Glibc: glib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid iso 8601 timestamp with g_date_time_new_from_iso8601().↗2025-04-08

▶

Red Hat

glibc: GLib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid ISO 8601 timestamp with g_date_time_new_from_iso8601().↗2025-04-07

▶

Debian

CVE-2025-3360: glib2.0 - A flaw was found in GLib. An integer overflow and buffer under-read occur when p...↗2025

▶