Back

Fedora Glow 2.1.2 Update Addresses Multiple CVEs

Severity: Medium (Score: 57.9)

Sources: Linuxsecurity

Summary

On May 1, 2026, Fedora released an update for Glow, a terminal-based markdown reader, to version 2.1.2. This update addresses several critical vulnerabilities, including CVE-2026-5160, which was published on April 15, 2026, and involves an update to the vendored goldmark dependency. Other vulnerabilities fixed include CVE-2025-61723 and CVE-2025-58189, both published on October 29, 2025, and CVE-2025-47910 and CVE-2025-47906, published on September 22 and 18, 2025, respectively. The update also includes improvements from the latest golang version to mitigate additional CVEs. Users are advised to upgrade using the 'dnf' update program to ensure their systems are secure. The update is crucial for maintaining the integrity and security of systems using Glow. The vulnerabilities could potentially expose sensitive information or allow unauthorized access if left unpatched. Key Points: • Fedora Glow 2.1.2 update fixes multiple critical CVEs. • CVE-2026-5160 was published on April 15, 2026. • Users should upgrade using 'dnf' to mitigate vulnerabilities.

Key Entities

  • CVE-2025-11065 (cve)
  • CVE-2025-47906 (cve)
  • CVE-2025-47910 (cve)
  • CVE-2025-58189 (cve)
  • CVE-2025-61723 (cve)
  • CWE-200 - Exposure of Sensitive Information (cwe)
  • Fedora (company)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed