Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

GNU — Vulnerabilities & Security Advisories 77

Browse all 77 CVE security advisories affecting GNU. AI-powered Chinese analysis, POCs, and references for each vulnerability.

GNU provides a comprehensive collection of free software essential for operating system functionality, primarily serving as the foundational userland for Linux distributions. Its core use case involves delivering command-line utilities, development tools, and system libraries that enable software compilation and execution. Historically, vulnerabilities within the GNU ecosystem have frequently involved buffer overflows and integer overflows, often leading to remote code execution or denial of service conditions. While cross-site scripting is less relevant to its command-line nature, privilege escalation risks have emerged in specific components like coreutils and grep when handling malformed input. Notable security incidents have included critical flaws in GnuPG and Bash, highlighting the importance of rigorous input validation. With seventy-seven recorded CVEs, the project maintains a steady patch cycle, emphasizing stability and security through open-source collaboration and continuous code review processes.

Top products by GNU: Binutils PSPP GRUB2 elfutils Inetutils Mailman cflow Libgcrypt ncurses wget C Library GNU SASL gdb Tar libopts Guix gcc Sed wget2
CVE IDTitleCVSSSeverityPublished
CVE-2025-1152 GNU Binutils ld xstrdup.c xstrdup memory leak — BinutilsCWE-401 3.1 Low2025-02-10
CVE-2025-1151 GNU Binutils ld xmemdup.c xmemdup memory leak — BinutilsCWE-401 3.1 Low2025-02-10
CVE-2025-1150 GNU Binutils ld libbfd.c bfd_malloc memory leak — BinutilsCWE-401 3.1 Low2025-02-10
CVE-2025-1149 GNU Binutils ld xmalloc.c xstrdup memory leak — BinutilsCWE-401 3.1 Low2025-02-10
CVE-2025-1148 GNU Binutils ld ldelfgen.c link_order_scan memory leak — BinutilsCWE-401 3.1 Low2025-02-10
CVE-2025-1147 GNU Binutils nm nm.c internal_strlen buffer overflow — BinutilsCWE-120 3.1 Low2025-02-10
CVE-2025-0840 GNU Binutils objdump.c disassemble_bytes stack-based overflow — BinutilsCWE-121 5.0 Medium2025-01-29
CVE-2024-56738 GNU GRUB 安全漏洞 — GRUB2CWE-208 7.5 -2024-12-29
CVE-2024-56737 GNU GRUB 安全漏洞 — GRUB2CWE-122 9.8 -2024-12-29
CVE-2024-10524 GNU Wget is vulnerable to an SSRF attack when accessing partially-user-controlled shorthand URLs — wgetCWE-918 6.5 Medium2024-11-19
CVE-2023-2789 GNU cflow parser.c parse_variable_declaration denial of service — cflowCWE-404 3.5 Low2023-05-18
CVE-2023-0687 GNU C Library 安全漏洞 — C LibraryCWE-120 4.6 Medium2023-02-06
CVE-2022-2469 GNU SASL 缓冲区错误漏洞 — GNU SASL 3.8 Low2022-07-19
CVE-2015-0837 GnuPG和Libgcrypt 信息泄露漏洞 — Libgcrypt 5.9 -2019-11-29
CVE-2014-3591 GnuPG和Libgcrypt 信息泄露漏洞 — Libgcrypt 4.2 -2019-11-29
CVE-2002-2439 GNU Compiler Collection 输入验证错误漏洞 — gcc 7.8 -2019-10-23
CVE-2019-1010180 GNU gdb 缓冲区错误漏洞 — gdb 9.8 -2019-07-24

This page lists every published CVE security advisory associated with GNU. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.