Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
Compress::Raw::Zlib: Insecure zlib versions may expose sensitive data
CVE-2026-3381
Summary
Perl's Compress::Raw::Zlib module uses outdated zlib versions, potentially allowing attackers to access sensitive data. Users of this module should update to version 2.220 or later to ensure they have the latest security fixes. This update is particularly important if you handle sensitive data, such as financial information or personal records.
Original title
Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib.
Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes z...
Original description
Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib.
Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for CVE-2026-27171.
Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for CVE-2026-27171.
nvd CVSS3.1
9.8
- https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/
- https://github.com/madler/zlib
- https://github.com/madler/zlib/releases/tag/v1.3.2
- https://metacpan.org/release/PMQS/Compress-Raw-Zlib-2.221/source/Changes
- https://www.cve.org/CVERecord?id=CVE-2026-27171
- https://www.zlib.net/
- https://github.com/pmqs/Compress-Raw-Zlib/issues/41
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026