CVE-2014-1474
Algorithmic complexity vulnerability in Email::Address::List before 0.02, as used in RT 4.2.0 through 4.2.2, allows remote attackers to cause a denial of service (CPU consumption) via a string without an address.
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.0053 (0.5%)
Percentile: 67.5%
EPSS: 2026-05-06
Affects
bestpractical:rtemail\:\Technical description
Algorithmic complexity vulnerability in Email::Address::List before 0.02, as used in RT 4.2.0 through 4.2.2, allows remote attackers to cause a denial of service (CPU consumption) via a string without an address.
Published: 7/15/2014, 2:55:08 PM
Last modified: 5/6/2026, 10:30:45 PM
References
- http://blog.bestpractical.com/2014/01/security-vulnerability-in-rt-42.html
- http://lists.bestpractical.com/pipermail/rt-announce/2014-June/000257.html
- https://metacpan.org/changes/release/ALEXMV/Email-Address-List-0.02
- http://blog.bestpractical.com/2014/01/security-vulnerability-in-rt-42.html
- http://lists.bestpractical.com/pipermail/rt-announce/2014-June/000257.html
- https://metacpan.org/changes/release/ALEXMV/Email-Address-List-0.02