Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-4330HistorySep 30, 2014 - 4:55 p.m.
CVE-2014-4330
2014-09-3016:55:06
Debian Security Bug Tracker
security-tracker.debian.org
20
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.001
Percentile
47.3%
The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DD_dump function.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | perl | < 5.20.1-1 | perl_5.20.1-1_all.deb |
| Debian | 11 | all | perl | < 5.20.1-1 | perl_5.20.1-1_all.deb |
| Debian | 999 | all | perl | < 5.20.1-1 | perl_5.20.1-1_all.deb |
| Debian | 13 | all | perl | < 5.20.1-1 | perl_5.20.1-1_all.deb |
Related
prion
prion
Design/Logic Flaw
2014-09-30 16:55:00
nessus
nessus
EulerOS Virtualization 3.0.6.0 : perl-Data-Dumper (EulerOS-SA-2020-1782)
2020-07-01 00:00:00
Oracle Solaris Third-Party Patch Update : perl (cve_2014_4330_buffer_errors)
2015-01-19 00:00:00
Mandriva Linux Security Advisory : perl (MDVSA-2015:136)
2015-03-30 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2020-2229)
2020-10-21 00:00:00
Mageia: Security Advisory (MGASA-2014-0406)
2022-01-28 00:00:00
cvelist
cvelist
CVE-2014-4330
2014-09-30 16:00:00
cve
cve
CVE-2014-4330
2014-09-30 16:55:06
packetstorm
packetstorm
Perl 5.20.1 Deep Recursion Stack Overflow
2014-09-25 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: perl-Data-Dumper-2.154-1.fc20
2014-09-29 04:06:01
[SECURITY] Fedora 19 Update: perl-Data-Dumper-2.154-1.fc19
2014-10-08 19:17:22
mageia
mageia
Updated perl package fixes CVE-2014-4330
2014-10-09 18:06:16
Updated perl packages fix CVE-2014-4330
2014-10-09 18:06:16
Updated perl-Data-Dumper package fixes CVE-2014-4330
2014-10-09 18:06:16
zdt
zdt
Perl 5.20.1 Deep Recursion Stack Overflow Vulnerability
2014-09-25 00:00:00
securityvulns
securityvulns
Perl stack overflow
2014-09-29 00:00:00
LSE Leading Security Experts GmbH - LSE-2014-06-10 - Perl CORE - Deep Recursion Stack Overflow
2014-09-29 00:00:00
ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities
2015-02-02 00:00:00
nvd
nvd
CVE-2014-4330
2014-09-30 16:55:06
ubuntucve
ubuntucve
CVE-2014-4330
2014-09-30 00:00:00
ubuntu
ubuntu
Perl vulnerabilities
2016-03-02 00:00:00
cloudfoundry
cloudfoundry
USN-2916-1 Perl vulnerabilities | Cloud Foundry
2016-03-24 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1949
2021-07-02 17:41:47
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.001
Percentile
47.3%
Related for DEBIANCVE:CVE-2014-4330