{"id":"AZL-71120","summary":"CVE-2025-13601 affecting package glib for versions less than 2.78.6-5","details":"A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.","modified":"2026-04-01T05:22:30.783484Z","published":"2025-11-26T15:15:51Z","upstream":["CVE-2025-13601"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-13601"}],"affected":[{"package":{"name":"glib","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/glib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.78.6-5"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-71120.json"}}],"schema_version":"1.7.5"}