3 matches found
CVE-2017-20230
CVE-2017-20230 affects Perl’s Storable before 3.05. The issue arises in retrieve_hook, which stores the class-name length as a signed int but reads it as unsigned, enabling crafted data to trigger a stack overflow during read operations. Public reports confirm a high-impact condition (CRITICAL) w...
Perl 安全漏洞
Perl is a general-purpose, interpreted, dynamic, and cross-platform programming language developed by the Perl community. Versions of Perl prior to 3.05 contained security vulnerabilities. These vulnerabilities stemmed from the retrievehook function, which stored the length of class names as...
perl-Storable: Storable for Perl: Denial of service via stack overflow in retrieve_hook function
A flaw was found in Storable for Perl. A remote attacker can exploit a vulnerability in the retrievehook function by crafting malicious data. This flaw occurs because the function incorrectly handles the length of class names, storing it as a signed integer but processing it as unsigned during re...