gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an...
Critical severity
Unreviewed
Published
Nov 12, 2024
to the GitHub Advisory Database
•
Updated Dec 6, 2024
Description
Published by the National Vulnerability Database
Nov 11, 2024
Published to the GitHub Advisory Database
Nov 12, 2024
Last updated
Dec 6, 2024
gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.
References