CVE-2026-3381

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib

Description

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for CVE-2026-27171.

Affected Products

Vendor	Product	Versions
pmqs	compress\	<= 2.219

References

https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/(Third Party Advisory)
https://github.com/madler/zlib(Product)
https://github.com/madler/zlib/releases/tag/v1.3.2(Release Notes)
https://github.com/pmqs/Compress-Raw-Zlib/issues/41(Issue Tracking)
https://metacpan.org/release/PMQS/Compress-Raw-Zlib-2.221/source/Changes(Product, Release Notes)
https://www.cve.org/CVERecord?id=CVE-2026-27171(Third Party Advisory)
https://www.zlib.net/(Product)

Related News (1 articles)

Tier A

Microsoft MSRC1d ago

CVE-2026-3381 Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib

→ No new info (linked only)

CVSS 3.19.8 CRITICAL

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited❌ No

CWECWE-1284

Published3/5/2026

Last enriched4h ago

Trending Score17

Source articles1

Independent1

Info Completeness8/14

Missing: epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Pin to Dashboard

Verification

State: verified

Confidence: 100%