CVE-2026-27820
Published: April 16th, 2026
zlib is a Ruby interface for the zlib compression/decompression library. Versions 3.0.0 and below, 3.1.0, 3.1.1, 3.2.0 and 3.2.1 contain a buffer overflow vulnerability in the Zlib::GzipReader. The zstream_buffer_ungets function prepends caller-provided bytes ahead of previously produced output but fails to guarantee the backing Ruby string has enough capacity before the memmove shifts the existing data. This can lead to memory corruption when the buffer length exceeds capacity. This issue has been fixed in versions 3.0.1, 3.1.2 and 3.2.3.
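The prepend pattern described above, as an added C illustration that is not the ruby/zlib source: the `outbuf` struct and the `unget_unchecked`, `unget_checked` and `demo_prepend` names are hypothetical. It places the unchecked shift beside a version that guarantees capacity before the `memmove`.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical model of an output buffer; not the gem's real data structure. */
struct outbuf { unsigned char *data; size_t len, cap; };

/* Flawed pattern: shifts existing output right by n without checking cap.
 * Memory-safe only when the caller already guarantees len + n <= cap. */
void unget_unchecked(struct outbuf *b, const void *src, size_t n)
{
    memmove(b->data + n, b->data, b->len);   /* writes past cap if len + n > cap */
    memcpy(b->data, src, n);
    b->len += n;
}

/* Hardened pattern: ensure capacity first. Returns 0 on success, -1 on failure. */
int unget_checked(struct outbuf *b, const void *src, size_t n)
{
    if (n == 0) return 0;
    if (n > SIZE_MAX - b->len) return -1;    /* len + n would wrap */
    size_t need = b->len + n;
    if (need > b->cap) {
        size_t ncap = b->cap ? b->cap : 16;
        while (ncap < need)
            ncap = (ncap > SIZE_MAX / 2) ? need : ncap * 2;
        unsigned char *p = realloc(b->data, ncap);
        if (!p) return -1;                   /* buffer left unchanged */
        b->data = p;
        b->cap = ncap;
    }
    memmove(b->data + n, b->data, b->len);   /* now within the allocation */
    memcpy(b->data, src, n);
    b->len = need;
    return 0;
}

/* Constructed case: 6 bytes of output in an 8-byte buffer, 6 bytes pushed back.
 * Returns the new capacity if the contents are correct, 0 otherwise. */
size_t demo_prepend(void)
{
    struct outbuf b = { malloc(8), 6, 8 };
    if (!b.data) return 0;
    memcpy(b.data, "output", 6);
    int ok = unget_checked(&b, "header", 6) == 0 && b.len == 12 &&
             memcmp(b.data, "headeroutput", 12) == 0;
    size_t cap = b.cap;
    free(b.data);
    return ok ? cap : 0;
}

int main(void) { printf("capacity after checked unget: %zu\n", demo_prepend()); return 0; }
```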
Status
| DocFilters Release | Package | State | Justification | Comment |
|---|---|---|---|---|
| 26.2 | zlib (1.3) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 26.1 | zlib (1.3) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 25.4 | zlib (1.3) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 25.3 | zlib (1.3) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 25.2 | zlib (1.3) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 25.1 | zlib (1.3) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 24.4 | zlib (1.3) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 24.4.0 | zlib (1.3) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 24.3 | zlib (1.3) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 24.2 | zlib (1.3) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 24.1 | zlib (1.3) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 23.3 | zlib (1.3) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 23.2 | zlib (1.2.12) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 23.1 | zlib (1.2.12) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 22.4 | zlib (1.2.12) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 22.3 | zlib (1.2.12) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 22.2 | zlib (1.2.12) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 22.1 | zlib (1.2.11) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 21.11 | zlib (1.2.11) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 21.8 | zlib (1.2.11) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 21.5.0 | zlib (1.2.11) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 21.2.0 | zlib (1.2.11) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 11.4.19.3667 | zlib (1.2.11) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 11.4.18.3599 | zlib (1.2.11) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 11.4.16.3445 | zlib (1.2.11) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 11.4.15.3368 | zlib (1.2.11) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 11.4.14.3263 | zlib (1.2.11) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 11.4.13.3179 | zlib (1.2.11) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 11.4.12.3054 | zlib (1.2.11) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 11.4.11.3040 | zlib (1.2.11) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 11.4.11.2990 | zlib (1.2.11) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 11.4.10.2934 | zlib (1.2.11) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 11.4.9.2878 | zlib (1.2.11) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |
| 11.4.8.2822 | zlib (1.2.11) | Not Affected | Code Not Present | CVE-2026-27820 affects the Ruby zlib gem (ruby/zlib), a Ruby-language binding for zlib, not the upstream C zlib library (madler/zlib). The vulnerable function zstream_buffer_ungets is Ruby-specific code that manages Ruby string buffers for Zlib::GzipReader. Document Filters uses the C zlib library version 1.3 directly from madler/zlib and does not include or use any Ruby code, the Ruby zlib gem, or the zstream_buffer_ungets function. |