ROOT-OS-DEBIAN-11-CVE-2026-48959 CVE-2026-48959 in rootio-perl - Patched by Root

Root has patched CVE-2026-48959 in the rootio-perl package for Root:Debian:11. Multiple fixed versions available...

ROOT-OS-DEBIAN-12-CVE-2026-48959 CVE-2026-48959 in rootio-perl - Patched by Root

Root has patched CVE-2026-48959 in the rootio-perl package for Root:Debian:12. Multiple fixed versions available...

CVE-2026-48959

CVE-2026-48959 affects IO::Uncompress::Unzip for Perl prior to 2.220. The issue is a per-byte read loop in fastForward that mis-compares the offset length to the chunk size, causing CPU exhaustion as it iterates from 16 KiB down to 1–19 bytes per step. Reading a named entry from an attacker-suppl...

CVE-2026-48959 IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward

IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit count of the offset, 1 to 19 against the chunk size $c instead of $offset itself, so $c shrinks from 16 KiB to 1-19 bytes per iteration...

Linux Distros Unpatched Vulnerability : CVE-2026-48959

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit...