Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/libsereal-encoder-perl@4.018%2Bds-1?distro=trixie
Typedeb
Namespacedebian
Namelibsereal-encoder-perl
Version4.018+ds-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version5.003+ds-1
Latest_non_vulnerable_version5.006+ds-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-5455-fv5g-eqgy
vulnerability_id VCID-5455-fv5g-eqgy
summary 
Sereal::Encoder versions from 4.000 through 4.009_002 for Perl is vulnerable to a buffer overwrite flaw in the Zstandard library.

Sereal::Encoder embeds a version of the Zstandard (zstd) library that is vulnerable to CVE-2019-11922.  This is a race condition in the one-pass compression functions of Zstandard prior to version 1.3.8 could allow an attacker to write bytes out of bounds if an output buffer smaller than the recommended size was used.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-14031
reference_id
reference_type
scores
0
value 0.0006
scoring_system epss
scoring_elements 0.19141
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-14031
1
reference_url https://metacpan.org/release/YVES/Sereal-Encoder-4.010/changes
reference_id changes
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-31T14:19:21Z/
url https://metacpan.org/release/YVES/Sereal-Encoder-4.010/changes
2
reference_url https://www.cve.org/CVERecord?id=CVE-2019-11922
reference_id CVERecord?id=CVE-2019-11922
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-31T14:19:21Z/
url https://www.cve.org/CVERecord?id=CVE-2019-11922
3
reference_url https://github.com/advisories/GHSA-w77f-wv46-4vcx
reference_id GHSA-w77f-wv46-4vcx
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-31T14:19:21Z/
url https://github.com/advisories/GHSA-w77f-wv46-4vcx
fixed_packages
0
url pkg:deb/debian/libsereal-encoder-perl@0?distro=trixie
purl pkg:deb/debian/libsereal-encoder-perl@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsereal-encoder-perl@0%3Fdistro=trixie
1
url pkg:deb/debian/libsereal-encoder-perl@4.018%2Bds-1?distro=trixie
purl pkg:deb/debian/libsereal-encoder-perl@4.018%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsereal-encoder-perl@4.018%252Bds-1%3Fdistro=trixie
2
url pkg:deb/debian/libsereal-encoder-perl@5.003%2Bds-1?distro=trixie
purl pkg:deb/debian/libsereal-encoder-perl@5.003%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsereal-encoder-perl@5.003%252Bds-1%3Fdistro=trixie
3
url pkg:deb/debian/libsereal-encoder-perl@5.004%2Bds-1?distro=trixie
purl pkg:deb/debian/libsereal-encoder-perl@5.004%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsereal-encoder-perl@5.004%252Bds-1%3Fdistro=trixie
4
url pkg:deb/debian/libsereal-encoder-perl@5.006%2Bds-1?distro=trixie
purl pkg:deb/debian/libsereal-encoder-perl@5.006%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsereal-encoder-perl@5.006%252Bds-1%3Fdistro=trixie
aliases CVE-2024-14031
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5455-fv5g-eqgy
1
url VCID-gdc3-y38w-uyfj
vulnerability_id VCID-gdc3-y38w-uyfj
summary 
Sereal::Decoder versions from 4.000 through 4.009_002 for Perl is vulnerable to a buffer overwrite flaw in the Zstandard library.

Sereal::Decoder embeds a version of the Zstandard (zstd) library that is vulnerable to CVE-2019-11922.  This is a race condition in the one-pass compression functions of Zstandard prior to version 1.3.8 could allow an attacker to write bytes out of bounds if an output buffer smaller than the recommended size was used.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-14030
reference_id
reference_type
scores
0
value 0.0006
scoring_system epss
scoring_elements 0.19141
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-14030
1
reference_url https://metacpan.org/release/YVES/Sereal-Decoder-4.010/changes
reference_id changes
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-31T14:18:18Z/
url https://metacpan.org/release/YVES/Sereal-Decoder-4.010/changes
2
reference_url https://www.cve.org/CVERecord?id=CVE-2019-11922
reference_id CVERecord?id=CVE-2019-11922
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-31T14:18:18Z/
url https://www.cve.org/CVERecord?id=CVE-2019-11922
3
reference_url https://github.com/advisories/GHSA-w77f-wv46-4vcx
reference_id GHSA-w77f-wv46-4vcx
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-31T14:18:18Z/
url https://github.com/advisories/GHSA-w77f-wv46-4vcx
fixed_packages
0
url pkg:deb/debian/libsereal-encoder-perl@0?distro=trixie
purl pkg:deb/debian/libsereal-encoder-perl@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsereal-encoder-perl@0%3Fdistro=trixie
1
url pkg:deb/debian/libsereal-encoder-perl@4.018%2Bds-1?distro=trixie
purl pkg:deb/debian/libsereal-encoder-perl@4.018%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsereal-encoder-perl@4.018%252Bds-1%3Fdistro=trixie
2
url pkg:deb/debian/libsereal-encoder-perl@5.003%2Bds-1?distro=trixie
purl pkg:deb/debian/libsereal-encoder-perl@5.003%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsereal-encoder-perl@5.003%252Bds-1%3Fdistro=trixie
3
url pkg:deb/debian/libsereal-encoder-perl@5.004%2Bds-1?distro=trixie
purl pkg:deb/debian/libsereal-encoder-perl@5.004%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsereal-encoder-perl@5.004%252Bds-1%3Fdistro=trixie
4
url pkg:deb/debian/libsereal-encoder-perl@5.006%2Bds-1?distro=trixie
purl pkg:deb/debian/libsereal-encoder-perl@5.006%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsereal-encoder-perl@5.006%252Bds-1%3Fdistro=trixie
aliases CVE-2024-14030
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gdc3-y38w-uyfj
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/libsereal-encoder-perl@4.018%252Bds-1%3Fdistro=trixie