CVE-2026-45843

A flaw was found in the Linux kernel's Serial Line Internet Protocol SLIP implementation. The slhcuncompress function, which handles VJ-compressed TCP headers, fails to perform proper bounds checks during packet processing. A remote attacker could exploit this by sending a specially crafted...

EUVD-2026-32169

In the Linux kernel, the following vulnerability has been resolved: slip: bound decode reads against the compressed packet length slhcuncompress parses a VJ-compressed TCP header by advancing a pointer through the packet via decode and pull16. Neither helper bounds-checks against isize, and decod...

CVE-2026-48959

IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit count of the offset, 1 to 19 against the chunk size $c instead of $offset itself, so $c shrinks from 16 KiB to 1-19 bytes per iteration...

CVE-2025-15649

IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date. dosToUnixTime decodes the local-file-header last-modification date field and calls Time::Local::timelocal without an eval guard. A header whose date field decodes to ...

CVE-2026-48959 IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward

IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit count of the offset, 1 to 19 against the chunk size $c instead of $offset itself, so $c shrinks from 16 KiB to 1-19 bytes per iteration...

EUVD-2026-32043

IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit count of the offset, 1 to 19 against the chunk size $c instead of $offset itself, so $c shrinks from 16 KiB to 1-19 bytes per iteration...

CVE-2026-48959

CVE-2026-48959 affects IO::Uncompress::Unzip for Perl prior to 2.220. The issue is a per-byte read loop in fastForward that mis-compares the offset length to the chunk size, causing CPU exhaustion as it iterates from 16 KiB down to 1–19 bytes per step. Reading a named entry from an attacker-suppl...

CVE-2025-15649 IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date

IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date. dosToUnixTime decodes the local-file-header last-modification date field and calls Time::Local::timelocal without an eval guard. A header whose date field decodes to ...

CVE-2025-15649

IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date. dosToUnixTime decodes the local-file-header last-modification date field and calls Time::Local::timelocal without an eval guard. A header whose date field decodes to ...

Unzip 安全漏洞

Unzip is a Golang.zip decompression tool developed by Yige’s developers. Versions of Unzip prior to 2.215 contained security vulnerabilities. These vulnerabilities stemmed from failing to catch exceptions when parsing zip headers with incorrect DOS date formats. As a result, an exception was thro...

PT-2026-43486

IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit count of the offset, 1 to 19 against the chunk size $c instead of $offset itself, so $c shrinks from 16 KiB to 1-19 bytes per iteration...

Linux Distros Unpatched Vulnerability : CVE-2025-15649

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date. dosToUnixTime decodes the...

Astra Linux - уязвимость в connman

ConnMan also known as Connection Manager versions 1.30 to 1.39 have a stack-based buffer overflow issue in the uncompress function of dnsproxy.c, occurring due to the use of NAME, RDATA, or RDLENGTH fields for the A or AAAA records...

Astra Linux - уязвимость в libarchive

libarchive 3.4.1 through 3.5.1 has a use-after-free in copystring called from douncompressblock and processblock...

OSV-2026-664 Heap-buffer-overflow in DwaCompressor_uncompress

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=508362159 Crash type: Heap-buffer-overflow WRITE Crash state: DwaCompressoruncompress internalexrundodwaa exruncompresschunk...

OSV-2026-605 Heap-buffer-overflow in DwaCompressor_uncompress

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=504280155 Crash type: Heap-buffer-overflow WRITE Crash state: DwaCompressoruncompress internalexrundodwaa exruncompresschunk...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write through the uncompressb44impl file. An attacker can cause an out-of-bounds write by supplying a specially crafted B44 or B44A EXR file that triggers an integer overflow, resulting in memory corruption or application...

SUSE: Security Advisory (SUSE-SU-2026:0741-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Symlink Attack

Overview compressing is an Everything you need for compressing and uncompressing Affected versions of this package are vulnerable to Symlink Attack via the compressing.tar.uncompress' function, which sanitizes the destination paths of archive entries. An attacker can overwrite or create files in...

JLSEC-2025-234 libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block ...

libarchive 3.4.1 through 3.5.1 has a use-after-free in copystring called from douncompressblock and processblock...