50 matches found
IO-Compress 安全漏洞
IO-Compress is a Perl library developed by Paul Marquess, which supports various compression formats. Versions of IO-Compress from 2.207 to 2.220 had security vulnerabilities. These vulnerabilities occurred due to the zipdetails CLI tool crashing when processing Info-ZIP Unix Extra Fields. This...
PT-2026-43488
Name of the Vulnerable Software and Affected Versions IO::Compress versions prior to 2.220 Description An issue in File::GlobMapper allows the execution of arbitrary code through an attacker-controlled output glob. The function parseOutputGlob wraps the provided output glob string in double quote...
IO-Compress 安全漏洞
IO-Compress is a Perl library developed by Paul Marquess, which supports various compression formats. Versions of IO-Compress prior to 2.220 contained security vulnerabilities. These vulnerabilities stemmed from File::GlobMapper, where arbitrary code could be executed through an output glob...
Linux Distros Unpatched Vulnerability : CVE-2026-48962
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. parseOutputGlob wraps the...
GO-2025-3726 IO::Compress::Brotli versions prior to 0.007 for Perl have an integer overflow in the bundled Brotli C library in github.com/google/brotli
IO::Compress::Brotli versions prior to 0.007 for Perl have an integer overflow in the bundled Brotli C library in github.com/google/brotli...
CVE-2020-36846
A buffer overflow, as described in CVE-2020-8927, exists in the embedded Brotli library. Versions of IO::Compress::Brotli prior to 0.007 included a version of the brotli library prior to version 1.0.8, where an attacker controlling the input length of a "one-shot" decompression request to a scrip...
SUSE CVE-2020-36846
A buffer overflow, as described in CVE-2020-8927, exists in the embedded Brotli library. Versions of IO::Compress::Brotli prior to 0.007 included a version of the brotli library prior to version 1.0.8, where an attacker controlling the input length of a "one-shot" decompression request to a scrip...
CVE-2020-36846
A buffer overflow, as described in CVE-2020-8927, exists in the embedded Brotli library. Versions of IO::Compress::Brotli prior to 0.007 included a version of the brotli library prior to version 1.0.8, where an attacker controlling the input length of a "one-shot" decompression request to a scrip...
CVE-2020-36846
A buffer overflow, as described in CVE-2020-8927, exists in the embedded Brotli library. Versions of IO::Compress::Brotli prior to 0.007 included a version of the brotli library prior to version 1.0.8, where an attacker controlling the input length of a "one-shot" decompression request to a scrip...
UBUNTU-CVE-2020-36846
A buffer overflow, as described in CVE-2020-8927, exists in the embedded Brotli library. Versions of IO::Compress::Brotli prior to 0.007 included a version of the brotli library prior to version 1.0.8, where an attacker controlling the input length of a "one-shot" decompression request to a scrip...
CVE-2020-36846
CVE-2020-36846 maps to IO::Compress::Brotli using an embedded Brotli library vulnerable to a buffer overflow (CVE-2020-8927). Affected: IO::Compress::Brotli versions < 0.007 bundled with Brotli
CVE-2020-36846 IO::Compress::Brotli versions prior to 0.007 for Perl have an integer overflow in the bundled Brotli C library
A buffer overflow, as described in CVE-2020-8927, exists in the embedded Brotli library. Versions of IO::Compress::Brotli prior to 0.007 included a version of the brotli library prior to version 1.0.8, where an attacker controlling the input length of a "one-shot" decompression request to a scrip...
CVE-2020-36846 IO::Compress::Brotli versions prior to 0.007 for Perl have an integer overflow in the bundled Brotli C library
A buffer overflow, as described in CVE-2020-8927, exists in the embedded Brotli library. Versions of IO::Compress::Brotli prior to 0.007 included a version of the brotli library prior to version 1.0.8, where an attacker controlling the input length of a "one-shot" decompression request to a scrip...
CVE-2020-36846
A buffer overflow, as described in CVE-2020-8927, exists in the embedded Brotli library. Versions of IO::Compress::Brotli prior to 0.007 included a version of the brotli library prior to version 1.0.8, where an attacker controlling the input length of a "one-shot" decompression request to a scrip...
MetaCPAN IO::Compress::Brotli 安全漏洞
MetaCPAN IO::Compress::Brotli is a library from the MetaCPAN Foundation. A security vulnerability exists in MetaCPAN IO::Compress::Brotli versions prior to 0.007, which stems from a buffer overflow in the embedded Brotli inventory that could lead to a crash...
[SECURITY] Fedora 41 Update: perl-Compress-Raw-Lzma-2.212-6.fc41
This module provides a Perl interface to the lzma compression library. It is used by IO::Compress::Lzma...
perl-IO-Compress-2.213.0-1.1 on GA media (moderate)
perl-IO-Compress-2.213.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:14657-1 Rating: moderate Cross-References: CVE-2016-1238 CVSS scores: CVE-2016-1238 SUSE : 6.7 CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can...
OPENSUSE-SU-2025:14657-1 perl-IO-Compress-2.213.0-1.1 on GA media
These are all security issues fixed in the perl-IO-Compress-2.213.0-1.1 package on the GA media of openSUSE Tumbleweed...
new packages: perl-IO-Compress-Lzma
An update is available for perl-IO-Compress-Lzma. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...
new packages: perl-IO-Compress
An update is available for perl-IO-Compress. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...