[SECURITY] Fedora 44 Update: rust-astral_async_zip-0.0.18~rc4-2.fc44

An asynchronous ZIP archive reading/writing crate...

PT-2026-43486

IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit count of the offset, 1 to 19 against the chunk size $c instead of $offset itself, so $c shrinks from 16 KiB to 1-19 bytes per iteration...

EUVD-2025-14247

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-47815

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from zipmemberreadall in...

Linux Distros Unpatched Vulnerability : CVE-2021-41772

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename...

Linux Distros Unpatched Vulnerability : CVE-2025-47814

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from spvreadxmlmember in...

SUSE CVE-2025-47814

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from spvreadxmlmember in zip-reader.c...

SUSE CVE-2025-47815

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from zipmemberreadall in zip-reader.c...

CVE-2025-47814

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from spvreadxmlmember in zip-reader.c. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product...

CVE-2025-47815

A flaw was found in the GNU PSPP ZIP Reader functionality. This vulnerability allows attackers to cause a heap-based buffer overflow via a crafted ZIP archive. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security...

CVE-2025-47815

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from zipmemberreadall in zip-reader.c...

DEBIAN-CVE-2025-47814

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from spvreadxmlmember in zip-reader.c...

CVE-2025-47815

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from zipmemberreadall in zip-reader.c...

CVE-2025-47814

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from spvreadxmlmember in zip-reader.c...

DEBIAN-CVE-2025-47815

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from zipmemberreadall in zip-reader.c...

UBUNTU-CVE-2025-47814

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from spvreadxmlmember in zip-reader.c...

UBUNTU-CVE-2025-47815

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from zipmemberreadall in zip-reader.c...

CVE-2025-47815

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from zipmemberreadall in zip-reader.c...

CVE-2025-47815

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from zipmemberreadall in zip-reader.c...

CVE-2025-47814

CVE-2025-47814 describes a heap-based buffer overflow in PSPP’s zip reader. The vulnerable component is the PSPP core library, specifically the file zip-reader.c, within the function inflate_read (called indirectly from spv_read_xml_member). This issue affects the library artifact libpspp-core.a ...