CVE-2026-4738 GDAL Bundled zlib (inftree9.c) Pointer Offset Optimization Undefined Behavior Allows Heap Corruption or Remote Code Execution

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in OSGeo gdal frmts/zlib/contrib/infback9 modules. This vulnerability is associated with program files inftree9.C‎. This issue affects gdal: before 3.11.0...

CVE-2026-4738

CVE-2026-4738 affects OSGeo GDAL prior to 3.11.0 and is tied to the zlib-backed infback9 module (frmts/zlib/contrib/infback9). The vulnerability stems from a pointer offset/undefined behavior in inftree9.C that enables heap corruption and potential remote code execution. Official entries consiste...

AZL-79262 CVE-2026-3381 affecting package blosc 1.21.6-1

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for...

CLSA-2025-1749826078 rsync: Fix of CVE-2016-9840

CVE-2016-9840: fix improper pointer arithmetic in bundled zlib...

CLSA-2025-1749825355 rsync: Fix of CVE-2016-9840

CVE-2016-9840: fix improper pointer arithmetic in bundled zlib...