RSS   Podatności dla 'Data dumper'   RSS

2014-09-30
 
CVE-2014-4330

CWE-119
 

 
The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DD_dump function.

 


Copyright 2024, cxsecurity.com

 

Back to Top