A buffer overflow vulnerability exists in Zlib::GzipReader. This vulnerability has been assigned the CVE identifier CVE-2026-27820. We recommend upgrading th...

Ruby is a dynamic, object-oriented programming language known for its simplicity and elegance, offering a productive and enjoyable development experience for software engineers. Developers can learn about Ruby programming fundamentals, web development with Ruby on Rails, and building scalable and maintainable applications with Ruby's expressive syntax and rich ecosystem of libraries and frameworks.

Ruby

A buffer overflow vulnerability (CVE-2026-27820) has been discovered in Ruby's Zlib::GzipReader. The flaw exists in the zstream_buffer_ungets function, which fails to ensure sufficient buffer capacity before shifting existing data, potentially leading to memory corruption. Ruby users are advised to update the zlib gem to version 3.2.3 or later (or 3.0.1 for Ruby 3.2 users, 3.1.2 for Ruby 3.3 users). All zlib gem versions 3.2.2 and below are affected.

CVE-2026-27820: Buffer overflow vulnerability in Zlib::GzipReader