rpm package
opensuse/perl-XML-LibXML&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/perl-XML-LibXML&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-8177 | Hig | 7.5 | < 2.0212-1.1 | 2.0212-1.1 | May 10, 2026 | XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences. A node name ending in the middle of a multi byte UTF-8 sequence causes the parser to read past the end of the input string into adja | |
| CVE-2015-3451 | — | < 2.0128-1.3 | 2.0128-1.3 | May 12, 2015 | The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function. |
- affected < 2.0212-1.1fixed 2.0212-1.1
XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences. A node name ending in the middle of a multi byte UTF-8 sequence causes the parser to read past the end of the input string into adja
- CVE-2015-3451May 12, 2015affected < 2.0128-1.3fixed 2.0128-1.3
The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function.