CVE-2026-2219

216.73.216.233

· Published 07/03/2026 09:16 · Modified 07/03/2026 10:16

Labels: CVE-2026-2219 2026-03-07 CVE-2026-2219 [email protected]

Essential information

Published: 07/03/2026 09:16
Modified: 07/03/2026 10:16
Author: —
Creator: —
CISA KEV: No
CWE: —
CVSS vector

Description

It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service (infinite loop spinning the CPU).

NVD status

Status: Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
debian / dpkg	`cpe:2.3:a:debian:dpkg::::::::`

CVE-2026-2219

Essential information

Description

NVD status

Affected products (CPE)

References