CVE-2026-22184 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the…
Medium CVSS: 4.6

CVE-2026-22184

zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz command with an excessively long archive name supplied via the command line, leading to an out-of-bounds write in a fixed-size global buffer.
Vendor
Zlib
Product
Zlib
CWE
CWE-787
Yayın Tarihi
2026-01-07 21:16:01
Güncelleme
2026-03-18 16:26:31
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-787 Zlib MEDIUM Zlib 2026

Referanslar

https://github.com/madler/zlib https://seclists.org/fulldisclosure/2026/Jan/3 https://www.vulncheck.com/advisories/zlib-untgz-global-buffer-overflow-in-tgzfname https://zlib.net/ https://github.com/madler/zlib/issues/1142