VYPR

libxml-bare-perl

by Debian

CVEs (2)

  • CVE-2026-57074Jul 17, 2026
    risk 0.00cvss epss

    XML::Bare versions through 0.53 for Perl have an unbounded character lookahead. The parserc_parse function attempts to check for multicharacter strings such as "<![CDATA" or element terminators such as ">" without checking that the offsets are within the buffer. Truncated…

  • CVE-2026-13401Jul 17, 2026
    risk 0.00cvss epss

    XML::Bare versions through 0.53 for Perl will hang in an infinite loop when parsing malformed attributes. The parserc_parse function never advances the attribute-parse state cursor on certain malformed attribute forms, looping forever. Nameless attributes such as "" or…