CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
47.3%
The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DD_dump function.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | perl | < 5.20.1-1 | perl_5.20.1-1_all.deb |
Debian | 11 | all | perl | < 5.20.1-1 | perl_5.20.1-1_all.deb |
Debian | 999 | all | perl | < 5.20.1-1 | perl_5.20.1-1_all.deb |
Debian | 13 | all | perl | < 5.20.1-1 | perl_5.20.1-1_all.deb |