CVE-2017-20230
Published 2026-04-21
Priority P260 · critical · 10 (CVSS 3.1)
AV:N / AC:L / PR:N / UI:N / S:C / C:H / I:H / A:H
EPSS: 0.64% (46.1th percentile)
Storable versions before 3.05 for Perl have a stack overflow.
The retrieve_hook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned. This allowed an attacker to craft data that could trigger the overflow.
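The signed/unsigned mismatch described above, shown next to a hardened length check. This is an added illustration, not Storable's source code or its patch; the 4-byte big-endian length prefix, the 256-byte buffer and all function names are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_BUF 256 /* assumed fixed stack buffer size, for illustration */

/* Decode a 4-byte big-endian length prefix (assumed wire format) as signed. */
static int32_t read_len(const uint8_t *p) {
    uint32_t u = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
                 ((uint32_t)p[2] << 8) | (uint32_t)p[3];
    int32_t s;
    memcpy(&s, &u, sizeof s); /* 0x80000000 and above become negative */
    return s;
}

/* Flawed pattern: only a signed upper-bound test guards the fixed buffer.
 * Returns 1 if the test lets the buffer be used; *read_size receives the
 * byte count an unsigned read of the same value would request. */
static int flawed_check_accepts(int32_t len, size_t *read_size) {
    *read_size = (size_t)len;
    return !(len > NAME_BUF - 1); /* true for every negative len */
}

/* Hardened: reject negative, truncated and oversized lengths before copying.
 * Returns the class-name length, or -1 on malformed input. */
static int read_class_name(const uint8_t *in, size_t in_len,
                           char *out, size_t out_cap) {
    if (in_len < 4) return -1;
    int32_t len = read_len(in);
    if (len < 0) return -1;                   /* the missing sign check */
    if ((size_t)len > in_len - 4) return -1;  /* claims more than supplied */
    if ((size_t)len >= out_cap) return -1;    /* no room for name plus NUL */
    memcpy(out, in + 4, (size_t)len);
    out[len] = '\0';
    return (int)len;
}

int main(void) {
    /* Constructed sample inputs: a valid record and a negative length. */
    const uint8_t ok[] = {0, 0, 0, 3, 'F', 'o', 'o'};
    const uint8_t neg[] = {0xFF, 0xFF, 0xFF, 0xFF, 'A'};
    char name[NAME_BUF];
    size_t n = 0;
    int accepted = flawed_check_accepts(read_len(neg), &n);
    printf("flawed accepts=%d size=%zu; hardened ok=%d neg=%d\n", accepted, n,
           read_class_name(ok, sizeof ok, name, sizeof name),
           read_class_name(neg, sizeof neg, name, sizeof name));
    return 0;
}
```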
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nwclark | storable | < 3.05 | 3.05 |
| perl_5.32 | perl-storable | — | — |
Detection & IOCs
- Vulnerability is triggered during deserialization via the `retrieve_hook` function in Perl's Storable module; monitor for deserialization of untrusted/externally-supplied Storable data
- Exploitation requires a user/process to consume attacker-controlled serialized Storable data; flag ingestion of Storable blobs from untrusted sources (network, files, user input)
- Target: Perl Storable versions before 3.05; audit installed perl-Storable package version and flag any version < 3.05
- Red Hat Enterprise Linux 7 has a deferred fix for perl-Storable; systems on RHEL 7 remain potentially exposed until patched
CVSS provenance
- nvd · v3.1 · 10.0 CRITICAL · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- vendor_redhat · 10.0 CRITICAL
VulDB
NWCLARK Storable up to 3.04 on Perl retrieve_hook stack-based overflow (Issue 15831)
vuldb·2026-04-21·CVSS 10.0
CVE-2017-20230 [CRITICAL] NWCLARK Storable up to 3.04 on Perl retrieve_hook stack-based overflow (Issue 15831)
A vulnerability was found in NWCLARK Storable up to 3.04 on Perl. It has been classified as critical. This affects the function retrieve_hook. Performing a manipulation results in stack-based buffer overflow.
This vulnerability was named CVE-2017-20230. The attack needs to be approached within the local network. There is no available exploit.
Upgrading the affected component is recommended.
GHSA
GHSA-6r7m-2wh8-438w: Storable versions before 3
ghsa_unreviewed·2026-04-21
CVE-2017-20230 [CRITICAL] CWE-121 GHSA-6r7m-2wh8-438w: Storable versions before 3
Storable versions before 3.05 for Perl have a stack overflow.
The retrieve_hook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned. This allowed an attacker to craft data that could trigger the overflow.
Red Hat
perl-Storable: Storable for Perl: Denial of service via stack overflow in retrieve_hook function
vendor_redhat·2026-04-21·CVSS 10.0
CVE-2017-20230 [CRITICAL] CWE-190 perl-Storable: Storable for Perl: Denial of service via stack overflow in retrieve_hook function
A flaw was found in Storable for Perl. A remote attacker can exploit a vulnerability in the `retrieve_hook` function by crafting malicious data. This flaw occurs because the function incorrectly handles the length of class names, storing it as a signed integer but processing it as unsigned during read operations. Successful exploitation leads to a stack overflow, which can cause a denial of service.
Statement: This is a Moderate denial of service flaw in perl-Storable. The vulnerability arises from incorrect handling of class name lengths during deserialization, which can lead to a stack overflow when processing specially crafted data. To exploit this vulnerability the attacker needs to tric
No detection rules found.
No public exploits indexed.
- https://github.com/Perl/perl5/commit/a258c17c6937f79529c8319a829310e09cdbd216.patch
- https://github.com/Perl/perl5/issues/15831
- https://metacpan.org/release/RURBAN/Storable-3.05/changes
- https://www.nntp.perl.org/group/perl.perl5.porters/2017/01/msg242533.html
- https://www.nntp.perl.org/group/perl.perl5.porters/2017/01/msg242703.html
- http://www.openwall.com/lists/oss-security/2026/04/21/5