3 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-14030
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sereal::Decoder versions from 4.000 through 4.009002 for Perl embeds a vulnerable version of the Zstandard library. Sereal::Decoder embeds a version of the...
CVE-2024-14030 Sereal::Decoder versions from 4.000 through 4.009_002 for Perl is vulnerable to a buffer overwrite flaw in the Zstandard library
Sereal::Decoder versions from 4.000 through 4.009002 for Perl is vulnerable to a buffer overwrite flaw in the Zstandard library. Sereal::Decoder embeds a version of the Zstandard zstd library that is vulnerable to CVE-2019-11922. This is a race condition in the one-pass compression functions of...
CVE-2024-14030
Sereal::Decoder for Perl versions 4.000–4.009_002 embeds Zstandard (zstd) prior to 1.3.8, which has a race-condition in one-pass compression that can cause a out-of-bounds write if the output buffer is undersized (CVE-2019-11922). Affected product: Sereal::Decoder (Perl); vulnerable component: em...