CVE-2026-22184

zlib <= 1.3.1.2 untgz Global Buffer Overflow in TGZfname()

Published: 1/7/2026
Last updated: 1/15/2026
Reserved: 1/6/2026

zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz command with an excessively long archive name supplied via the command line, leading to an out-of-bounds write in a fixed-size global buffer.

CNA assigner: VulnCheck (83251b91-4cc7-4094-a5c7-464a1b83ea10)
Requested by: n/a

Metrics

| Version | Score | Severity | Vector String |
|---|---|---|---|
| 4.0 | 4.6 | Medium | CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N |

Opam packages affected (13)

bap-std camlzip conf-gd conf-libclang conf-libdw conf-llvm conf-llvm-shared conf-llvm-static conf-mingw-w64-zlib-i686 conf-mingw-w64-zlib-x86_64 conf-taglib conf-zlib kafka

Products affected (2)

| Product | Vendor | Version |
|---|---|---|
| zlib | zlib software | AMD Software: PRO Edition 24.Q4 (24.20.30 RDNA) |
| zlib | zlib software | < 8.9.3 |

References (10)

Credits (2)