CLSA-2025-1762363908

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1762363908.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1762363908
Upstream
Published
2025-11-05T17:31:54Z
Modified
2026-06-01T00:31:15.165597583Z
Summary
libuv: Fix of CVE-2024-24806
Details
  • CVE-2024-24806: fix issue where uvgetaddrinfo function truncates hostnames, potentially allowing crafted payloads to resolve to unintended IP addresses, by handling hostnameascii variable properly in uvgetaddrinfo and uvidnatoascii functions
References

Affected packages

TuxCare:AlmaLinux:9.2 / libuv

Package

Name
libuv
Purl
pkg:rpm/tuxcare/libuv?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.42.0-1.el9.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1762363908.json"

TuxCare:AlmaLinux:9.2 / libuv-devel

Package

Name
libuv-devel
Purl
pkg:rpm/tuxcare/libuv-devel?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.42.0-1.el9.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1762363908.json"

TuxCare:AlmaLinux:9.2 / libuv-static

Package

Name
libuv-static
Purl
pkg:rpm/tuxcare/libuv-static?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.42.0-1.el9.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1762363908.json"