Описание
Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib.
Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for CVE-2026-27171.
A flaw was found in Compress::Raw::Zlib. This component bundles an outdated version of the zlib compression library, which contains known security vulnerabilities. An attacker could potentially exploit these underlying zlib vulnerabilities through Compress::Raw::Zlib, leading to unspecified security impacts.
Отчет
This has been rated as moderate as the older version of zlib only has two known flaws, and one of them is a bufferoverflow that is in the contrib directory, and so are not part of zlib.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | perl-Compress-Raw-Zlib | Not affected | ||
| Red Hat Enterprise Linux 7 | perl-Compress-Raw-Zlib | Not affected | ||
| Red Hat Enterprise Linux 8 | perl:5.32/perl-Compress-Raw-Zlib | Not affected | ||
| Red Hat Enterprise Linux 8 | perl-Compress-Raw-Zlib | Not affected | ||
| Red Hat Enterprise Linux 9 | perl-Compress-Raw-Zlib | Not affected |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for CVE-2026-27171.
Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for CVE-2026-27171.
Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib
Compress::Raw::Zlib versions through 2.219 for Perl use potentially in ...
Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for CVE-2026-27171.
EPSS
5.3 Medium
CVSS3