Critical severity10.0NVD Advisory· Published Apr 21, 2026· Updated Apr 22, 2026
CVE-2017-20230
CVE-2017-20230
Description
Storable versions before 3.05 for Perl has a stack overflow.
The retrieve_hook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned. This allowed an attacker to craft data that could trigger the overflow.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- osv-coords2 versionspkg:rpm/suse/perl&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/perl&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5
< 5.18.2-12.32.1+ 1 more
- (no CPE)range: < 5.18.2-12.32.1
- (no CPE)range: < 5.18.2-12.32.1
Patches
Vulnerability mechanics
References
6- github.com/Perl/perl5/commit/a258c17c6937f79529c8319a829310e09cdbd216.patchnvdPatch
- www.nntp.perl.org/group/perl.perl5.porters/2017/01/msg242533.htmlnvdThird Party Advisory
- www.nntp.perl.org/group/perl.perl5.porters/2017/01/msg242703.htmlnvdThird Party Advisory
- www.openwall.com/lists/oss-security/2026/04/21/5nvdMailing List
- github.com/Perl/perl5/issues/15831nvdIssue Tracking
- metacpan.org/release/RURBAN/Storable-3.05/changesnvdRelease Notes
News mentions
0No linked articles in our index yet.