Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2025-4056
CVE-2025-4056:
NixOS vulnerability analysis and mitigation
Overview
A vulnerability identified as CVE-2025-4056 was discovered in GLib's Windows implementation, reported on April 29, 2025. The vulnerability specifically affects applications that attempt to spawn programs using long command lines on Windows platforms (Wiz Report, Red Hat CVE).
Technical details
The vulnerability has been assigned a CVSS v3.1 score of 3.7 (Low severity) with the vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L. The issue is classified under CWE-94 and specifically affects the Windows implementation of GLib's program spawning functionality (Red Hat CVE, Wiz Report).
Impact
The vulnerability can result in a denial of service condition specifically on Windows platforms when applications attempt to spawn programs with long command lines (Red Hat CVE).
Mitigation and workarounds
The issue has been fixed in GLib version 2.84.1-1. The fix was implemented through a commit f1a498e178709dcd5c26303a5b54ae5007733fc5 in version 2.84.1 (Debian Tracker).
Additional resources
Source: This report was generated using AI
Related NixOS vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management