VYPR

XML Libxml

by XML Libxml Project

Source repositories

CVEs (3)

  • CVE-2017-10672CriJun 29, 2017
    risk 0.64cvss 9.8epss 0.08

    Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call.

  • CVE-2026-8177HigMay 10, 2026
    risk 0.42cvss 7.5epss 0.01

    XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences. A node name ending in the middle of a multi byte UTF-8 sequence causes the parser to read past the end of the input string into…

  • CVE-2015-3451May 12, 2015
    risk 0.00cvss epss 0.04

    The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function.