CVE-2026-3381

EPSS 0.04%
Veröffentlicht 05.03.2026 01:28:48
Zuletzt bearbeitet 18.03.2026 19:26:39
Quelle 9b29abf9-4ab0-4765-b253-1875cd
CVE-Watchlists
Login
Unerledigt
Login

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib.

Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for CVE-2026-27171.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Pmqs ≫ Compress::raw::zlib SwPlatformperl Version <= 2.219

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.103

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-1284 Improper Validation of Specified Quantity in Input

The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

https://github.com/madler/zlib

Product

https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/

Third Party Advisory

https://github.com/madler/zlib/releases/tag/v1.3.2

Release Notes

https://metacpan.org/release/PMQS/Compress-Raw-Zlib-2.221/source/Changes

Product

Release Notes

https://www.zlib.net/

Product

https://www.cve.org/CVERecord?id=CVE-2026-27171