CVE-2025-15649

A flaw was found in perl-IO-Compress. This vulnerability allows a remote attacker to cause a Denial of Service DoS by providing a specially crafted zip file. The IO::Uncompress::Unzip module, which is part of perl-IO-Compress, does not properly handle malformed date information within a zip file'...

CVE-2025-15649

IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date. dosToUnixTime decodes the local-file-header last-modification date field and calls Time::Local::timelocal without an eval guard. A header whose date field decodes to ...

CVE-2025-15649 IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date

IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date. dosToUnixTime decodes the local-file-header last-modification date field and calls Time::Local::timelocal without an eval guard. A header whose date field decodes to ...

PT-2026-43482

Name of the Vulnerable Software and Affected Versions IO::Uncompress::Unzip versions prior to 2.215 Description An uncaught exception occurs when parsing a zip header containing a malformed DOS date. The function dosToUnixTime decodes the last-modification date field of the local-file-header and...