Sereal-Encoder Security Advisories - Cpan | Ecosyste.ms: Advisories

Sereal-Encoder

Fast, compact, powerful binary serialization

View on metacpan.org

Security Advisories for Sereal-Encoder in cpan

3 months ago

Sereal::Encoder versions from 4.000 through 4.009_002 for Perl embeds a vulnerable version of the Zstandard library. Sereal::Encoder embeds a version of the Zstandard (zstd) library that is vulnerable to CVE-2019-11922. This is a race condition in th... CPANSA-Sereal-Encoder-2024-14031

cpan Sereal-Encoder

Moderate

over 5 years ago

In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. Correct file permissions (matching the input) would only be set at completion time. Output files could therefore be readable or writable to unint... CPANSA-Sereal-Encoder-2021-24031-zstd

cpan Sereal-Encoder

Moderate

over 5 years ago

Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore... CPANSA-Sereal-Encoder-2021-24032-zstd

cpan Sereal-Encoder

High

almost 8 years ago

In Miniz 2.0.7, tinfl_decompress in miniz_tinfl.c has an infinite loop because sym2 and counter can both remain equal to zero. CPANSA-Sereal-Encoder-2018-12913-miniz

cpan Sereal-Encoder

Filter by Severity

Moderate 2 High 1