MSRC_CVE-2026-3381
Vulnerability from csaf_microsoft - Published: 2026-03-02 00:00 - Updated: 2026-03-17 01:36Summary
Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2026-3381 Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-3381.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib",
"tracking": {
"current_release_date": "2026-03-17T01:36:58.000Z",
"generator": {
"date": "2026-03-17T07:02:50.770Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2026-3381",
"initial_release_date": "2026-03-02T00:00:00.000Z",
"revision_history": [
{
"date": "2026-03-07T01:03:39.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-03-11T14:36:22.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
},
{
"date": "2026-03-14T01:01:22.000Z",
"legacy_version": "3",
"number": "3",
"summary": "Information published."
},
{
"date": "2026-03-17T01:36:58.000Z",
"legacy_version": "4",
"number": "4",
"summary": "Information published."
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 cloud-hypervisor 32.0-7",
"product": {
"name": "cbl2 cloud-hypervisor 32.0-7",
"product_id": "30"
}
},
{
"category": "product_version_range",
"name": "azl3 cloud-hypervisor 48.0.246-3",
"product": {
"name": "azl3 cloud-hypervisor 48.0.246-3",
"product_id": "5"
}
}
],
"category": "product_name",
"name": "cloud-hypervisor"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 cloud-hypervisor-cvm 38.0.72.2-5",
"product": {
"name": "cbl2 cloud-hypervisor-cvm 38.0.72.2-5",
"product_id": "34"
}
}
],
"category": "product_name",
"name": "cloud-hypervisor-cvm"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 conda 4.11.0-1",
"product": {
"name": "cbl2 conda 4.11.0-1",
"product_id": "29"
}
},
{
"category": "product_version_range",
"name": "azl3 conda 24.3.0-4",
"product": {
"name": "azl3 conda 24.3.0-4",
"product_id": "4"
}
}
],
"category": "product_name",
"name": "conda"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 erlang 25.3.2.21-4",
"product": {
"name": "cbl2 erlang 25.3.2.21-4",
"product_id": "24"
}
},
{
"category": "product_version_range",
"name": "azl3 erlang 26.2.5.17-1",
"product": {
"name": "azl3 erlang 26.2.5.17-1",
"product_id": "8"
}
}
],
"category": "product_name",
"name": "erlang"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 grpc 1.42.0-11",
"product": {
"name": "cbl2 grpc 1.42.0-11",
"product_id": "49"
}
},
{
"category": "product_version_range",
"name": "azl3 grpc 1.62.3-1",
"product": {
"name": "azl3 grpc 1.62.3-1",
"product_id": "50"
}
}
],
"category": "product_name",
"name": "grpc"
},
{
"branches": [
{
"category": "product_version_range",
"name": "azl3 gdb 13.2-6",
"product": {
"name": "azl3 gdb 13.2-6",
"product_id": "23"
}
}
],
"category": "product_name",
"name": "gdb"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 keras 2.11.0-3",
"product": {
"name": "cbl2 keras 2.11.0-3",
"product_id": "32"
}
}
],
"category": "product_name",
"name": "keras"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 mariadb 10.6.24-1",
"product": {
"name": "cbl2 mariadb 10.6.24-1",
"product_id": "19"
}
},
{
"category": "product_version_range",
"name": "azl3 mariadb 10.11.16-1",
"product": {
"name": "azl3 mariadb 10.11.16-1",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "mariadb"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 mariadb-connector-c 3.1.10-6",
"product": {
"name": "cbl2 mariadb-connector-c 3.1.10-6",
"product_id": "36"
}
},
{
"category": "product_version_range",
"name": "azl3 mariadb-connector-c 3.3.8-3",
"product": {
"name": "azl3 mariadb-connector-c 3.3.8-3",
"product_id": "2"
}
}
],
"category": "product_name",
"name": "mariadb-connector-c"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 mysql 8.0.45-2",
"product": {
"name": "cbl2 mysql 8.0.45-2",
"product_id": "3"
}
},
{
"category": "product_version_range",
"name": "azl3 mysql 8.0.45-1",
"product": {
"name": "azl3 mysql 8.0.45-1",
"product_id": "13"
}
}
],
"category": "product_name",
"name": "mysql"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 nmap 7.93-4",
"product": {
"name": "cbl2 nmap 7.93-4",
"product_id": "14"
}
},
{
"category": "product_version_range",
"name": "azl3 nmap 7.95-3",
"product": {
"name": "azl3 nmap 7.95-3",
"product_id": "15"
}
}
],
"category": "product_name",
"name": "nmap"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 nss 3.75-2",
"product": {
"name": "cbl2 nss 3.75-2",
"product_id": "25"
}
},
{
"category": "product_version_range",
"name": "azl3 nss 3.96.1-3",
"product": {
"name": "azl3 nss 3.96.1-3",
"product_id": "31"
}
}
],
"category": "product_name",
"name": "nss"
},
{
"branches": [
{
"category": "product_version_range",
"name": "azl3 kata-containers 3.19.1.kata2-6",
"product": {
"name": "azl3 kata-containers 3.19.1.kata2-6",
"product_id": "7"
}
}
],
"category": "product_name",
"name": "kata-containers"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 perl 5.34.1-491",
"product": {
"name": "cbl2 perl 5.34.1-491",
"product_id": "27"
}
}
],
"category": "product_name",
"name": "perl"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 python-tensorboard 2.11.0-3",
"product": {
"name": "cbl2 python-tensorboard 2.11.0-3",
"product_id": "39"
}
},
{
"category": "product_version_range",
"name": "azl3 python-tensorboard 2.16.2-6",
"product": {
"name": "azl3 python-tensorboard 2.16.2-6",
"product_id": "40"
}
}
],
"category": "product_name",
"name": "python-tensorboard"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 python-tensorflow-estimator 2.11.0-2",
"product": {
"name": "cbl2 python-tensorflow-estimator 2.11.0-2",
"product_id": "26"
}
}
],
"category": "product_name",
"name": "python-tensorflow-estimator"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 qt5-qtbase 5.12.11-19",
"product": {
"name": "cbl2 qt5-qtbase 5.12.11-19",
"product_id": "17"
}
}
],
"category": "product_name",
"name": "qt5-qtbase"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 rubygem-mini_portile2 2.8.0-1",
"product": {
"name": "cbl2 rubygem-mini_portile2 2.8.0-1",
"product_id": "37"
}
},
{
"category": "product_version_range",
"name": "azl3 rubygem-mini_portile2 2.8.4-1",
"product": {
"name": "azl3 rubygem-mini_portile2 2.8.4-1",
"product_id": "38"
}
}
],
"category": "product_name",
"name": "rubygem-mini_portile2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 rust 1.72.0-14",
"product": {
"name": "cbl2 rust 1.72.0-14",
"product_id": "12"
}
},
{
"category": "product_version_range",
"name": "azl3 rust 1.75.0-25",
"product": {
"name": "azl3 rust 1.75.0-25",
"product_id": "11"
}
},
{
"category": "product_version_range",
"name": "azl3 rust 1.90.0-4",
"product": {
"name": "azl3 rust 1.90.0-4",
"product_id": "10"
}
}
],
"category": "product_name",
"name": "rust"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 sudo 1.9.17-1",
"product": {
"name": "cbl2 sudo 1.9.17-1",
"product_id": "28"
}
},
{
"category": "product_version_range",
"name": "azl3 sudo 1.9.17-1",
"product": {
"name": "azl3 sudo 1.9.17-1",
"product_id": "43"
}
}
],
"category": "product_name",
"name": "sudo"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 syslinux 6.04-10",
"product": {
"name": "cbl2 syslinux 6.04-10",
"product_id": "44"
}
},
{
"category": "product_version_range",
"name": "azl3 syslinux 6.04-11",
"product": {
"name": "azl3 syslinux 6.04-11",
"product_id": "51"
}
}
],
"category": "product_name",
"name": "syslinux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 tcl 8.6.13-3",
"product": {
"name": "cbl2 tcl 8.6.13-3",
"product_id": "47"
}
},
{
"category": "product_version_range",
"name": "azl3 tcl 8.6.13-3",
"product": {
"name": "azl3 tcl 8.6.13-3",
"product_id": "45"
}
}
],
"category": "product_name",
"name": "tcl"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 tensorflow 2.11.1-2",
"product": {
"name": "cbl2 tensorflow 2.11.1-2",
"product_id": "41"
}
},
{
"category": "product_version_range",
"name": "azl3 tensorflow 2.16.1-11",
"product": {
"name": "azl3 tensorflow 2.16.1-11",
"product_id": "6"
}
}
],
"category": "product_name",
"name": "tensorflow"
},
{
"branches": [
{
"category": "product_version_range",
"name": "azl3 qtbase 6.6.3-4",
"product": {
"name": "azl3 qtbase 6.6.3-4",
"product_id": "42"
}
}
],
"category": "product_name",
"name": "qtbase"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 zlib 1.2.13-2",
"product": {
"name": "cbl2 zlib 1.2.13-2",
"product_id": "48"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 zlib 1.3.1-1",
"product": {
"name": "\u003cazl3 zlib 1.3.1-1",
"product_id": "46"
}
},
{
"category": "product_version",
"name": "azl3 zlib 1.3.1-1",
"product": {
"name": "azl3 zlib 1.3.1-1",
"product_id": "18109"
}
}
],
"category": "product_name",
"name": "zlib"
},
{
"category": "product_name",
"name": "cbl2 boost 1.76.0-4",
"product": {
"name": "cbl2 boost 1.76.0-4",
"product_id": "35"
}
},
{
"category": "product_name",
"name": "cbl2 ceph 16.2.10-11",
"product": {
"name": "cbl2 ceph 16.2.10-11",
"product_id": "21"
}
},
{
"category": "product_name",
"name": "cbl2 cmake 3.21.4-21",
"product": {
"name": "cbl2 cmake 3.21.4-21",
"product_id": "16"
}
},
{
"category": "product_name",
"name": "azl3 binutils 2.41-10",
"product": {
"name": "azl3 binutils 2.41-10",
"product_id": "22"
}
},
{
"category": "product_name",
"name": "azl3 boost 1.83.0-2",
"product": {
"name": "azl3 boost 1.83.0-2",
"product_id": "33"
}
},
{
"category": "product_name",
"name": "azl3 ceph 18.2.2-12",
"product": {
"name": "azl3 ceph 18.2.2-12",
"product_id": "20"
}
},
{
"category": "product_name",
"name": "azl3 cmake 3.30.3-12",
"product": {
"name": "azl3 cmake 3.30.3-12",
"product_id": "9"
}
},
{
"category": "product_name",
"name": "azl3 crash 9.0.0-1",
"product": {
"name": "azl3 crash 9.0.0-1",
"product_id": "18"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 boost 1.76.0-4 as a component of CBL Mariner 2.0",
"product_id": "17086-35"
},
"product_reference": "35",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 ceph 16.2.10-11 as a component of CBL Mariner 2.0",
"product_id": "17086-21"
},
"product_reference": "21",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 cloud-hypervisor 32.0-7 as a component of CBL Mariner 2.0",
"product_id": "17086-30"
},
"product_reference": "30",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 cloud-hypervisor-cvm 38.0.72.2-5 as a component of CBL Mariner 2.0",
"product_id": "17086-34"
},
"product_reference": "34",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 cmake 3.21.4-21 as a component of CBL Mariner 2.0",
"product_id": "17086-16"
},
"product_reference": "16",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 binutils 2.41-10 as a component of Azure Linux 3.0",
"product_id": "17084-22"
},
"product_reference": "22",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 conda 4.11.0-1 as a component of CBL Mariner 2.0",
"product_id": "17086-29"
},
"product_reference": "29",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 boost 1.83.0-2 as a component of Azure Linux 3.0",
"product_id": "17084-33"
},
"product_reference": "33",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 ceph 18.2.2-12 as a component of Azure Linux 3.0",
"product_id": "17084-20"
},
"product_reference": "20",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 erlang 25.3.2.21-4 as a component of CBL Mariner 2.0",
"product_id": "17086-24"
},
"product_reference": "24",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 cloud-hypervisor 48.0.246-3 as a component of Azure Linux 3.0",
"product_id": "17084-5"
},
"product_reference": "5",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 cmake 3.30.3-12 as a component of Azure Linux 3.0",
"product_id": "17084-9"
},
"product_reference": "9",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 conda 24.3.0-4 as a component of Azure Linux 3.0",
"product_id": "17084-4"
},
"product_reference": "4",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 crash 9.0.0-1 as a component of Azure Linux 3.0",
"product_id": "17084-18"
},
"product_reference": "18",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 erlang 26.2.5.17-1 as a component of Azure Linux 3.0",
"product_id": "17084-8"
},
"product_reference": "8",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 grpc 1.42.0-11 as a component of CBL Mariner 2.0",
"product_id": "17086-49"
},
"product_reference": "49",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 gdb 13.2-6 as a component of Azure Linux 3.0",
"product_id": "17084-23"
},
"product_reference": "23",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 keras 2.11.0-3 as a component of CBL Mariner 2.0",
"product_id": "17086-32"
},
"product_reference": "32",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 mariadb 10.6.24-1 as a component of CBL Mariner 2.0",
"product_id": "17086-19"
},
"product_reference": "19",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 mariadb-connector-c 3.1.10-6 as a component of CBL Mariner 2.0",
"product_id": "17086-36"
},
"product_reference": "36",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 grpc 1.62.3-1 as a component of Azure Linux 3.0",
"product_id": "17084-50"
},
"product_reference": "50",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 mysql 8.0.45-2 as a component of CBL Mariner 2.0",
"product_id": "17086-3"
},
"product_reference": "3",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 nmap 7.93-4 as a component of CBL Mariner 2.0",
"product_id": "17086-14"
},
"product_reference": "14",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 nss 3.75-2 as a component of CBL Mariner 2.0",
"product_id": "17086-25"
},
"product_reference": "25",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 kata-containers 3.19.1.kata2-6 as a component of Azure Linux 3.0",
"product_id": "17084-7"
},
"product_reference": "7",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 perl 5.34.1-491 as a component of CBL Mariner 2.0",
"product_id": "17086-27"
},
"product_reference": "27",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 python-tensorboard 2.11.0-3 as a component of CBL Mariner 2.0",
"product_id": "17086-39"
},
"product_reference": "39",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 python-tensorflow-estimator 2.11.0-2 as a component of CBL Mariner 2.0",
"product_id": "17086-26"
},
"product_reference": "26",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 mariadb-connector-c 3.3.8-3 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 mysql 8.0.45-1 as a component of Azure Linux 3.0",
"product_id": "17084-13"
},
"product_reference": "13",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 nmap 7.95-3 as a component of Azure Linux 3.0",
"product_id": "17084-15"
},
"product_reference": "15",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 nss 3.96.1-3 as a component of Azure Linux 3.0",
"product_id": "17084-31"
},
"product_reference": "31",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 qt5-qtbase 5.12.11-19 as a component of CBL Mariner 2.0",
"product_id": "17086-17"
},
"product_reference": "17",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 rubygem-mini_portile2 2.8.0-1 as a component of CBL Mariner 2.0",
"product_id": "17086-37"
},
"product_reference": "37",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 rust 1.72.0-14 as a component of CBL Mariner 2.0",
"product_id": "17086-12"
},
"product_reference": "12",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 python-tensorboard 2.16.2-6 as a component of Azure Linux 3.0",
"product_id": "17084-40"
},
"product_reference": "40",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 sudo 1.9.17-1 as a component of CBL Mariner 2.0",
"product_id": "17086-28"
},
"product_reference": "28",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 syslinux 6.04-10 as a component of CBL Mariner 2.0",
"product_id": "17086-44"
},
"product_reference": "44",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 tcl 8.6.13-3 as a component of CBL Mariner 2.0",
"product_id": "17086-47"
},
"product_reference": "47",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 tensorflow 2.11.1-2 as a component of CBL Mariner 2.0",
"product_id": "17086-41"
},
"product_reference": "41",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 qtbase 6.6.3-4 as a component of Azure Linux 3.0",
"product_id": "17084-42"
},
"product_reference": "42",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 zlib 1.2.13-2 as a component of CBL Mariner 2.0",
"product_id": "17086-48"
},
"product_reference": "48",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 rubygem-mini_portile2 2.8.4-1 as a component of Azure Linux 3.0",
"product_id": "17084-38"
},
"product_reference": "38",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 rust 1.75.0-25 as a component of Azure Linux 3.0",
"product_id": "17084-11"
},
"product_reference": "11",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 rust 1.90.0-4 as a component of Azure Linux 3.0",
"product_id": "17084-10"
},
"product_reference": "10",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 sudo 1.9.17-1 as a component of Azure Linux 3.0",
"product_id": "17084-43"
},
"product_reference": "43",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 syslinux 6.04-11 as a component of Azure Linux 3.0",
"product_id": "17084-51"
},
"product_reference": "51",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 tcl 8.6.13-3 as a component of Azure Linux 3.0",
"product_id": "17084-45"
},
"product_reference": "45",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 tensorflow 2.16.1-11 as a component of Azure Linux 3.0",
"product_id": "17084-6"
},
"product_reference": "6",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 zlib 1.3.1-1 as a component of Azure Linux 3.0",
"product_id": "17084-46"
},
"product_reference": "46",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 zlib 1.3.1-1 as a component of Azure Linux 3.0",
"product_id": "18109-17084"
},
"product_reference": "18109",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 mariadb 10.11.16-1 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-3381",
"cwe": {
"id": "CWE-1395",
"name": "Dependency on Vulnerable Third-Party Component"
},
"flags": [
{
"label": "vulnerable_code_not_in_execute_path",
"product_ids": [
"17086-35",
"17086-21",
"17086-16",
"17084-22",
"17084-33",
"17084-20",
"17084-9",
"17084-18"
]
}
],
"notes": [
{
"category": "general",
"text": "CPANSec",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"18109-17084"
],
"known_affected": [
"17086-30",
"17086-34",
"17086-29",
"17086-24",
"17084-5",
"17084-4",
"17084-8",
"17086-49",
"17084-23",
"17086-32",
"17086-19",
"17086-36",
"17084-50",
"17086-3",
"17086-14",
"17086-25",
"17084-7",
"17086-27",
"17086-39",
"17086-26",
"17084-2",
"17084-13",
"17084-15",
"17084-31",
"17086-17",
"17086-37",
"17086-12",
"17084-40",
"17086-28",
"17086-44",
"17086-47",
"17086-41",
"17084-42",
"17086-48",
"17084-38",
"17084-11",
"17084-10",
"17084-43",
"17084-51",
"17084-45",
"17084-6",
"17084-46",
"17084-1"
],
"known_not_affected": [
"17086-35",
"17086-21",
"17086-16",
"17084-22",
"17084-33",
"17084-20",
"17084-9",
"17084-18"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-3381 Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-3381.json"
}
],
"remediations": [
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-30"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-34"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-29"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-24"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-5"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-4"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-8"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-49"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-23"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-32"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-19"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-36"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-50"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-3"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-14"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-25"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-7"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-27"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-39"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-26"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-2"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-13"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-15"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-31"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-17"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-37"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-12"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-40"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-28"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-44"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-47"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-41"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-42"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-48"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-38"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-11"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-10"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-43"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-51"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-45"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-6"
]
},
{
"category": "none_available",
"date": "2026-03-07T01:03:39.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-1"
]
},
{
"category": "vendor_fix",
"date": "2026-03-07T01:03:39.000Z",
"details": "1.3.2-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-46"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"17086-30",
"17086-34",
"17086-29",
"17086-24",
"17084-5",
"17084-4",
"17084-8",
"17086-49",
"17084-23",
"17086-32",
"17086-19",
"17086-36",
"17084-50",
"17086-3",
"17086-14",
"17086-25",
"17084-7",
"17086-27",
"17086-39",
"17086-26",
"17084-2",
"17084-13",
"17084-15",
"17084-31",
"17086-17",
"17086-37",
"17086-12",
"17084-40",
"17086-28",
"17086-44",
"17086-47",
"17086-41",
"17084-42",
"17086-48",
"17084-38",
"17084-11",
"17084-10",
"17084-43",
"17084-51",
"17084-45",
"17084-6",
"17084-46",
"17084-1"
]
}
],
"title": "Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…