3 matches found
EUVD-2024-55512
Sereal::Encoder versions from 4.000 through 4.009002 for Perl is vulnerable to a buffer overwrite flaw in the Zstandard library. Sereal::Encoder embeds a version of the Zstandard zstd library that is vulnerable to CVE-2019-11922. This is a race condition in the one-pass compression functions of...
CVE-2024-14031
Sereal::Encoder versions from 4.000 through 4.009002 for Perl embeds a vulnerable version of the Zstandard library. Sereal::Encoder embeds a version of the Zstandard zstd library that is vulnerable to CVE-2019-11922. This is a race condition in the one-pass compression functions of Zstandard prio...
CVE-2024-14031
CVE-2024-14031 affects Sereal::Encoder versions 4.000–4.009_002 for Perl, which embeds the Zstandard (zstd) library vulnerable to CVE-2019-11922. The vulnerability is a race-condition in Zstandard’s one-pass compression, allowing out-of-bounds writes when the output buffer is smaller than recomme...