rpm package
opensuse/perl-Sereal-Decoder&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/perl-Sereal-Decoder&distro=openSUSE%20Tumbleweed
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-8796 | Hig | 8.1 | < 5.6.0-1.1 | 5.6.0-1.1 | May 31, 2026 | Sereal::Decoder versions before 5.005 for Perl allow heap out-of-bounds read via crafted input. In Perl/Decoder/srl_decoder.c, srl_read_object() and srl_read_hash() process a COPY tag, a back-reference whose target byte the decoder re-decodes as a fresh tag. When that target byt |
- affected < 5.6.0-1.1fixed 5.6.0-1.1
Sereal::Decoder versions before 5.005 for Perl allow heap out-of-bounds read via crafted input. In Perl/Decoder/srl_decoder.c, srl_read_object() and srl_read_hash() process a COPY tag, a back-reference whose target byte the decoder re-decodes as a fresh tag. When that target byt