VDB
GCVE-110-MAGEIA-2026-158
GCVE-110-MAGEIA-2026-158
Advisory Published
The updated package fixes security vulnerabilities:
IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught
exception when parsing zip header with malformed DOS date.
(CVE-2025-15649)
IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU
exhaustion via per-byte read loop in fastForward. (CVE-2026-48959)
IO::Compress versions before 2.220 for Perl can execute arbitrary code
in File::GlobMapper via an attacker-controlled output glob.
(CVE-2026-48962)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | perl-IO-Compress | 0 (affected), 2.204.0-1.1.mga9 (unaffected) | — |
References
Browse GCVE Records
73,040 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.