VYPR

rpm package

opensuse/perl-IO-Compress&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/perl-IO-Compress&distro=openSUSE%20Tumbleweed

Vulnerabilities (3)

  • CVE-2026-48962HigMay 27, 2026
    affected < 2.220.0-1.1fixed 2.220.0-1.1

    IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. _parseOutputGlob() wraps the caller-supplied output glob string in double quotes and stores it in the parser state; _getFiles() then runs the stored

  • CVE-2026-48961HigMay 27, 2026
    affected < 2.220.0-2.1fixed 2.220.0-2.1

    IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID. When decode_ux() in bin/zipdetails handles an Info-ZIP Unix Extra Field (tag 0x7875) with UID Size or GID

  • CVE-2016-1238HigAug 2, 2016
    affected < 2.213.0-1.1fixed 2.213.0-1.1

    (1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpa