Advisories ยป MGASA-2025-0202

Updated catdoc packages fix security vulnerabilities

Publication date: 05 Jul 2025
Modification date: 05 Jul 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-48877 , CVE-2024-52035 , CVE-2024-54028

Description

A memory corruption vulnerability exists in the Shared String Table
Record Parser implementation in the xls2csv utility version 0.95.
(CVE-2024-48877)
An integer overflow vulnerability exists in the OLE Document File
Allocation Table Parser functionality of catdoc 0.95. (CVE-2024-52035)
An integer underflow vulnerability exists in the OLE Document DIFAT
Parser functionality of catdoc 0.95. (CVE-2024-54028)
                

References

SRPMS

9/core