CLSA-2026-1775739369

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1775739369.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1775739369
Upstream
Published
2026-04-09T12:56:13Z
Modified
2026-06-01T00:32:46.875779005Z
Summary
pki-servlet-engine: Fix of 3 CVEs
Details
  • CVE-2024-52316: fix JASPIC authentication bypass on ServerAuthContext exception
  • CVE-2025-55754: fix ANSI escape sequence injection in log messages
  • CVE-2025-46701: fix CGI servlet case sensitivity bypass of security constraints
References

Affected packages

TuxCare:AlmaLinux:9.6 / pki-servlet-4.0-api

Package

Name
pki-servlet-4.0-api
Purl
pkg:rpm/tuxcare/pki-servlet-4.0-api?distro=almalinux-9.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:9.0.50-1.el9_2.2.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1775739369.json"

TuxCare:AlmaLinux:9.6 / pki-servlet-engine

Package

Name
pki-servlet-engine
Purl
pkg:rpm/tuxcare/pki-servlet-engine?distro=almalinux-9.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:9.0.50-1.el9_2.2.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1775739369.json"