VDB

GCVE-110-MAGEIA-2026-158

GCVE-110-MAGEIA-2026-158
Advisory Published
Vulnetix · Advisory published May 29, 2026
The updated package fixes security vulnerabilities: IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date. (CVE-2025-15649) IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. (CVE-2026-48959) IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. (CVE-2026-48962)

Affected Products

VendorProductVersionsPlatforms
Mageiaperl-IO-Compress0 (affected), 2.204.0-1.1.mga9 (unaffected)

Browse GCVE Records

73,040 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›