CLSA-2025-1756923561

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1756923561.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2025-1756923561
Upstream
Published
2025-09-03T18:19:25Z
Modified
2026-05-27T11:35:17.371786705Z
Summary
clamav: Fix of 8 CVEs
Details
  • Update to 1.0.9 LTS version
  • CVE-2025-20260: Fixed a possible buffer overflow write bug in the PDF file parser
  • CVE-2025-20128: Fixed a possible buffer overflow read bug in the OLE2 file parser
  • CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems so as to prevent an attacker with existing access to the 'clamd' or 'freshclam' services from using a symlink to corrupt system files
  • CVE-2024-20290: Fixed a possible heap overflow read bug in the OLE2 file parser
  • CVE-2024-20328: Fixed a possible command injection in the 'VirusEvent' feature of the clamd service
  • CVE-2023-20197: Fixed a possible denial of service in the HFS+ parser
  • CVE-2023-20212: Fixed a possible DoS in the AutoIT file parser
  • CVE-2023-20052: Fixed a possible remote information leak in the DMG file parser
References

Affected packages

TuxCare:CentOS:6
clamav

Package

Name
clamav
Purl
pkg:rpm/tuxcare/clamav?distro=centos-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.9-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1756923561.json"
clamav-data

Package

Name
clamav-data
Purl
pkg:rpm/tuxcare/clamav-data?distro=centos-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.9-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1756923561.json"
clamav-devel

Package

Name
clamav-devel
Purl
pkg:rpm/tuxcare/clamav-devel?distro=centos-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.9-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1756923561.json"
clamav-doc

Package

Name
clamav-doc
Purl
pkg:rpm/tuxcare/clamav-doc?distro=centos-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.9-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1756923561.json"
clamav-filesystem

Package

Name
clamav-filesystem
Purl
pkg:rpm/tuxcare/clamav-filesystem?distro=centos-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.9-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1756923561.json"
clamav-freshclam

Package

Name
clamav-freshclam
Purl
pkg:rpm/tuxcare/clamav-freshclam?distro=centos-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.9-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1756923561.json"
clamav-lib

Package

Name
clamav-lib
Purl
pkg:rpm/tuxcare/clamav-lib?distro=centos-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.9-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1756923561.json"
clamav-milter

Package

Name
clamav-milter
Purl
pkg:rpm/tuxcare/clamav-milter?distro=centos-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.9-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1756923561.json"
clamd

Package

Name
clamd
Purl
pkg:rpm/tuxcare/clamd?distro=centos-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.9-1.el6.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1756923561.json"