CLSA-2026:1768821437

[CLSA-2026:1768821437] pki-servlet-engine: Fix of 2 CVEs

Type:

security

Severity:

Critical

Release date:

2026-01-19 11:17:21 UTC

Description:

- CVE-2025-31651: fix improper neutralization of escape, meta, or control sequences
- CVE-2025-55752: fix relative path traversal vulnerability

Updated packages:

pki-servlet-4.0-api-9.0.50-1.el9_2.2.tuxcare.els1.noarch.rpm
sha:d295c79cab868825b409b7cd0bf9f937597fff5f27694913361ccfe7061583d5
pki-servlet-engine-9.0.50-1.el9_2.2.tuxcare.els1.noarch.rpm
sha:c3ea93fddf6aa7b44fcab61ac410c0c4f3d707996886b3a0ea0fef31ceba484c

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.