CLSA-2025-1745531344

Import Source

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2025-1745531344

Upstream

Published

2025-04-24T21:49:09Z

Modified

2026-06-01T00:30:21.112158270Z

Summary

libtiff: Fix of 2 CVEs

Details

CVE-2023-40745: prevent integer overflow on hostile images to avoid heap-based buffer overflow and potential code execution
CVE-2023-41175: address integer overflows and bypass in raw2tiff.c to prevent heap-based buffer overflow and potential code execution

References

Affected packages

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-8.el9_2.tuxcare.els4

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1745531344.json"

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-8.el9_2.tuxcare.els4

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1745531344.json"

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-8.el9_2.tuxcare.els4

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1745531344.json"

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-8.el9_2.tuxcare.els4

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1745531344.json"