CVE-2026-27171

ADVISORY - nist

Summary

zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition.

EPSS Score⁠: 0.00006 (0.004)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-1284⁠

Improper Validation of Specified Quantity in Input

ADVISORY - redhat

CWE-835⁠

Loop with Unreachable Exit Condition ('Infinite Loop')

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.