CVE-2024-14031
CVE-2024-14031 affects Sereal::Encoder versions 4.000–4.009_002 for Perl, which embeds the Zstandard (zstd) library vulnerable to CVE-2019-11922. The vulnerability is a race-condition in Zstandard’s one-pass compression, allowing out-of-bounds writes when the output buffer is smaller than recomme...