VYPR

IO::Compress::Brotli

by timlegge

CVEs (1)

  • CVE-2020-36846CriMay 30, 2025
    risk 0.57cvss 9.8epss 0.01

    A buffer overflow, as described in CVE-2020-8927, exists in the embedded Brotli library.  Versions of IO::Compress::Brotli prior to 0.007 included a version of the brotli library prior to version 1.0.8, where an attacker controlling the input length of a "one-shot"…