CVE-2026-3381
CRITICAL9.8EPSS 0.04%Published: 3/5/2026Modified: 4/28/2026
Description
Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for CVE-2026-27171.
Affected packages (2)
- Alpine/perl-compress-raw-zlibfrom 0, < 2.222-r0
- Debian/libcompress-raw-zlib-perlfrom 0, < 2.011-2
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |