{ "affected": [ { "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "da607da739fa6047df13e66a2af6b8bec7c2a498" } ], "repo": "https://github.com/madler/zlib", "type": "GIT" }, { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "2.219" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "417f977e9c7122b62a581278667175593a1efdf0" } ], "repo": "https://github.com/pmqs/Compress-Raw-Zlib", "type": "GIT" } ] } ], "details": "Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib.\n\nCompress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for CVE-2026-27171.", "id": "CVE-2026-3381", "modified": "2026-04-01T23:08:03.625245072Z", "published": "2026-03-05T02:16:52.267Z", "references": [ { "type": "WEB", "url": "https://www.zlib.net/" }, { "type": "ADVISORY", "url": "https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/" }, { "type": "ADVISORY", "url": "https://github.com/madler/zlib/releases/tag/v1.3.2" }, { "type": "ADVISORY", "url": "https://metacpan.org/release/PMQS/Compress-Raw-Zlib-2.221/source/Changes" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-27171" }, { "type": "REPORT", "url": "https://github.com/pmqs/Compress-Raw-Zlib/issues/41" }, { "type": "PACKAGE", "url": "https://github.com/madler/zlib" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }