Msrc Azl3 Boost 1.83.0-2 vulnerabilities
5 known vulnerabilities affecting msrc/azl3_boost_1.83.0-2.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH1
Vulnerabilities
Page 1 of 1
CVE-2026-3381CRITICALCVSS 9.82026-03-10
CVE-2026-3381 [CRITICAL] CWE-1395 Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib
Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib
Mariner: Mariner
CPANSec: CPANSec
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
msrc
CVE-2026-22184CRITICALCVSS 9.82026-01-13
CVE-2026-22184 [MEDIUM] CWE-120 zlib <= 1.3.1.2 untgz Global Buffer Overflow in TGZfname()
zlib <= 1.3.1.2 untgz Global Buffer Overflow in TGZfname()
Mariner: Mariner
VulnCheck: VulnCheck
Customer Action Required: Yes
msrc
CVE-2025-1744CRITICALCVSS 9.82025-02-11
CVE-2025-1744 [CRITICAL] CWE-787 Out-of-bounds Write in radare2
Out-of-bounds Write in radare2
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed t
msrc
CVE-2023-45853CRITICALCVSS 9.82023-10-10
CVE-2023-45853 [CRITICAL] CWE-190 MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename comment or extra field. NOTE: MiniZip is not a supported par
MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename comment or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vuln
msrc
CVE-2018-25032HIGHCVSS 7.52022-03-08
CVE-2018-25032 [HIGH] CWE-787 zlib before 1.2.12 allows memory corruption when deflating (i.e. when compressing) if the input has many distant matches.
zlib before 1.2.12 allows memory corruption when deflating (i.e. when compressing) if the input has many distant matches.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux di
msrc