26 matches found
CVE-2024-14030
Sereal::Decoder versions from 4.000 through 4.009002 for Perl embeds a vulnerable version of the Zstandard library. Sereal::Decoder embeds a version of the Zstandard zstd library that is vulnerable to CVE-2019-11922. This is a race condition in the one-pass compression functions of Zstandard prio...
CVE-2024-14030 Sereal::Decoder versions from 4.000 through 4.009_002 for Perl is vulnerable to a buffer overwrite flaw in the Zstandard library
Sereal::Decoder versions from 4.000 through 4.009002 for Perl is vulnerable to a buffer overwrite flaw in the Zstandard library. Sereal::Decoder embeds a version of the Zstandard zstd library that is vulnerable to CVE-2019-11922. This is a race condition in the one-pass compression functions of...
CVE-2024-14030
Sereal::Decoder versions from 4.000 through 4.009002 for Perl is vulnerable to a buffer overwrite flaw in the Zstandard library. Sereal::Decoder embeds a version of the Zstandard zstd library that is vulnerable to CVE-2019-11922. This is a race condition in the one-pass compression functions of...
CVE-2024-14030
Sereal::Decoder for Perl versions 4.000–4.009_002 embeds Zstandard (zstd) prior to 1.3.8, which has a race-condition in one-pass compression that can cause a out-of-bounds write if the output buffer is undersized (CVE-2019-11922). Affected product: Sereal::Decoder (Perl); vulnerable component: em...
CVE-2024-14030
Sereal::Decoder versions from 4.000 through 4.009002 for Perl embeds a vulnerable version of the Zstandard library. Sereal::Decoder embeds a version of the Zstandard zstd library that is vulnerable to CVE-2019-11922. This is a race condition in the one-pass compression functions of Zstandard prio...
Sereal::Decoder 安全漏洞
Sereal::Decoder is a decoding module developed by YVES’s individual developers, designed for parsing high-performance binary serialization data formats. Versions 4.000 to 4.009002 of Sereal::Decoder contain security vulnerabilities. These vulnerabilities stem from a buffer out-of-bounds write fla...