CLSA-2026-1773768694

Import Source

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1773768694

Upstream

Published

2026-03-17T17:31:39Z

Modified

2026-06-04T09:47:31.688728713Z

Summary

Fix CVE(s): CVE-2025-14847

Details

SECURITY UPDATE: Unauthenticated heap memory disclosure via mismatched zlib compressed protocol headers (MongoBleed)
- debian/patches/CVE-2025-14847.patch: Return actual decompressed size instead of buffer size in ZlibMessageCompressor::decompressData
- CVE-2025-14847

References

Affected packages

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3+tuxcare.els1

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1773768694.json"

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3+tuxcare.els1

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1773768694.json"

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3+tuxcare.els1

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1773768694.json"

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3+tuxcare.els1

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1773768694.json"