CVE-2026-3381
CRITICAL9.8EPSS 0.04%發布日:2026/3/5修改日:2026/3/30
也稱為:ALPINE-CVE-2026-3381
描述
Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for CVE-2026-27171.
受影響套件(2)
- Alpine/perl-compress-raw-zlibfrom 0, < 2.222-r0
- Debian/libcompress-raw-zlib-perlfrom 0, < 2.011-2
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |