CLSA-2024-1722529534

Import Source

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2024-1722529534

Upstream

Published

2024-08-01T16:25:37Z

Modified

2026-06-01T00:33:17.526732908Z

Summary

libtiff: Fix of 2 CVEs

Details

CVE-2023-52356: added proper validation and boundary checks to prevent the SEGV and potential heap-buffer overflow
CVE-2023-52355: added functionality to set a maximum possible allocation size in bytes in order to prevent out-of-memory issues when opening a TIFF file and added memory limit option in tools

References

Affected packages

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.0.3-35.el7.tuxcare.els1

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2024-1722529534.json"

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.0.3-35.el7.tuxcare.els1

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2024-1722529534.json"

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.0.3-35.el7.tuxcare.els1

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2024-1722529534.json"

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.0.3-35.el7.tuxcare.els1

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2024-1722529534.json"