Fluid Attacks Database

Description

Algorithmic complexity vulnerability in Email::Address::List before 0.02, as used in RT 4.2.0 through 4.2.2, allows remote attackers to cause a denial of service (CPU consumption) via a string without an address.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	libemail-address-list-perl	>=0 <0.03-1	0.03-1
debian 13	libemail-address-list-perl	>=0 <0.03-1	0.03-1
debian 12	libemail-address-list-perl	>=0 <0.03-1	0.03-1
debian 11	libemail-address-list-perl	>=0 <0.03-1	0.03-1

Aliases

1. CVE-2014-14742. NVD-2014-14743. OSV-DEBIAN-2014-14744. OSV-2014-14745. SECURITY-TRACKER-CVE-2014-1474

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.