CVE-2014-1474
Algorithmic complexity vulnerability in Email::Address::List before 0.02, as used in RT 4.2.0 through 4.2.2, allows remote attackers to cause a denial of service (CPU consumption) via a string without an address.
Date published : 2014-07-15
http://blog.bestpractical.com/2014/01/security-vulnerability-in-rt-42.html
https://metacpan.org/changes/release/ALEXMV/Email-Address-List-0.02