CVE-2017-20230
CVSS 10.0
Perl's Storable module before version 3.05 has a stack overflow triggered by a signed/unsigned mismatch when reading class name lengths. An attacker who can feed crafted serialized data to your Perl process can crash it or potentially run arbitrary code. Exploitation requires the app to deserialize untrusted Storable blobs, so if you only deserialize data you control, your exposure is lower.
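
The signed/unsigned length-check bug class described above, as an added illustration in C. This is not Storable's source code: the record layout (a 4-byte big-endian length followed by the name bytes), `NAME_MAX_LEN`, the sample records, and all function names are assumptions made for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define NAME_MAX_LEN 127                 /* assumed capacity of a fixed buffer */

/* Constructed sample records: [4-byte big-endian length][name bytes]. */
static const uint8_t SAMPLE_OK[]    = {0, 0, 0, 3, 'F', 'o', 'o'};
static const uint8_t SAMPLE_BAD[]   = {0xFF, 0xFF, 0xFF, 0xFF};
static const uint8_t SAMPLE_TRUNC[] = {0, 0, 0, 5, 'A'};
static char NAME_BUF[NAME_MAX_LEN + 1];

/* Decode the 4-byte big-endian length field. */
static uint32_t rd_u32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Flawed pattern: the length is held in a signed type, so a field with the
 * top bit set turns negative (on the usual two's-complement targets) and
 * passes the upper-bound check. Returns 1 if the check would let a copy
 * proceed; the copy itself is deliberately not performed here. */
int flawed_check_accepts(const uint8_t *rec) {
    int32_t len = (int32_t)rd_u32(rec);
    return len <= NAME_MAX_LEN;          /* -1 <= 127 is true */
}

/* Hardened reader: keep the length unsigned and bound it by the destination
 * capacity and by the bytes actually present in the input.
 * Returns the name length, or -1 if the record is rejected. */
int read_class_name(const uint8_t *rec, size_t rec_len,
                    char *out, size_t out_cap) {
    if (rec_len < 4 || out_cap == 0) return -1;
    uint32_t len = rd_u32(rec);
    if (len > NAME_MAX_LEN || len >= out_cap) return -1;   /* oversized   */
    if (len > rec_len - 4) return -1;                      /* truncated   */
    memcpy(out, rec + 4, len);
    out[len] = '\0';
    return (int)len;
}

int main(void) {
    int ok  = read_class_name(SAMPLE_OK, sizeof SAMPLE_OK, NAME_BUF, sizeof NAME_BUF);
    int bad = read_class_name(SAMPLE_BAD, sizeof SAMPLE_BAD, NAME_BUF, sizeof NAME_BUF);
    return (ok == 3 && bad == -1 && flawed_check_accepts(SAMPLE_BAD)) ? 0 : 1;
}
```

The signed comparison accepts the `0xFFFFFFFF` length, while the unsigned reader rejects it along with the truncated record.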