VYPR

HTML::Entities

by Perl Foundation

Source repositories

CVEs (1)

  • CVE-2026-8829HigJun 4, 2026
    risk 0.42cvss 7.5epss 0.00

    HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities. The XS routine backing HTML::Entities::_decode_entities cached a pointer (repl) into the entity-value SV returned by hv_fetch on the entity2char hash. When the input SV was identical to a…