{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T01:09:42.254","vulnerabilities":[{"cve":{"id":"CVE-2025-8058","sourceIdentifier":"3ff69d7a-14f2-4f67-a097-88dee7810d18","published":"2025-07-23T20:15:27.747","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The regcomp function in the GNU C library version from 2.4 to 2.41 is \nsubject to a double free if some previous allocation fails. It can be \naccomplished either by a malloc failure or by using an interposed malloc\n that injects random malloc failures. The double free can allow buffer \nmanipulation depending of how the regex is constructed. This issue \naffects all architectures and ABIs supported by the GNU C library."},{"lang":"es","value":"La función regcomp en las versiones 2.4 a 2.41 de la librería GNU C está sujeta a una doble liberación si falla alguna asignación previa. Esto puede lograrse mediante un fallo de malloc o mediante un malloc interpuesto que inyecta fallos aleatorios de malloc. La doble liberación puede permitir la manipulación del búfer según cómo se construya la expresión regular. Este problema afecta a todas las arquitecturas y ABIs compatibles con la librería GNU C."}],"metrics":{"cvssMetricV40":[{"source":"3ff69d7a-14f2-4f67-a097-88dee7810d18","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"weaknesses":[{"source":"3ff69d7a-14f2-4f67-a097-88dee7810d18","type":"Secondary","description":[{"lang":"en","value":"CWE-415"}]}],"references":[{"url":"https://sourceware.org/bugzilla/show_bug.cgi?id=33185","source":"3ff69d7a-14f2-4f67-a097-88dee7810d18"},{"url":"https://sourceware.org/git/?p=glibc.git;a=commit;h=3ff17af18c38727b88d9115e536c069e6b5d601f","source":"3ff69d7a-14f2-4f67-a097-88dee7810d18"},{"url":"http://www.openwall.com/lists/oss-security/2025/07/23/1","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}