CLSA-2026-1774266713

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1774266713.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2026-1774266713
Upstream
Published
2026-03-23T11:51:58Z
Modified
2026-05-27T11:17:04.049408398Z
Summary
exiv2: Fix of 2 CVEs
Details
  • CVE-2026-25884: fix out-of-bounds read in CRW image parser
  • CVE-2026-27596: fix integer underflow in preview component
References

Affected packages

TuxCare:AlmaLinux:9.2 / exiv2

Package

Name
exiv2
Purl
pkg:rpm/tuxcare/exiv2?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.27.5-2.el9.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1774266713.json"

TuxCare:AlmaLinux:9.2 / exiv2-devel

Package

Name
exiv2-devel
Purl
pkg:rpm/tuxcare/exiv2-devel?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.27.5-2.el9.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1774266713.json"

TuxCare:AlmaLinux:9.2 / exiv2-doc

Package

Name
exiv2-doc
Purl
pkg:rpm/tuxcare/exiv2-doc?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.27.5-2.el9.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1774266713.json"

TuxCare:AlmaLinux:9.2 / exiv2-libs

Package

Name
exiv2-libs
Purl
pkg:rpm/tuxcare/exiv2-libs?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.27.5-2.el9.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1774266713.json"