CVE-2017-20230
published 2026-04-21


Priority: P2 · 60 · critical
CVSS 3.1: 10.0 (AV:N / AC:L / PR:N / UI:N / S:C / C:H / I:H / A:H)
EPSS: 0.64% (46.1th percentile)

Description

Storable versions before 3.05 for Perl have a stack overflow. The retrieve_hook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned. This allowed an attacker to craft data that could trigger the overflow.

Affected (2 ranges)

Vendor      Product         Version range   Fixed in
nwclark     storable        < 3.05          3.05
perl_5.32   perl-storable   (not given)     (not given)

Detection & IOCs (extracted from sources)

  • The vulnerability is triggered during deserialization via the `retrieve_hook` function in Perl's Storable module; monitor for deserialization of untrusted or externally supplied Storable data.
  • Exploitation requires a user or process to consume attacker-controlled serialized Storable data; flag ingestion of Storable blobs from untrusted sources (network, files, user input).
  • Target: Perl Storable versions before 3.05; audit the installed perl-Storable package version and flag any version < 3.05.
  • Red Hat Enterprise Linux 7 has a deferred fix for perl-Storable; systems on RHEL 7 remain potentially exposed until patched.

CVSS provenance

Source          Version   Score   Severity   Vector
nvd             v3.1      10.0    CRITICAL   CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
vendor_redhat             10.0    CRITICAL