perl-XML-Twig: The option to expand_external_ents, documented as controlling external entity expansion in XML::Twig does not work. External entities are always expanded, regardless of the option's...
9.1CVSS
8.9AI Score
0.005EPSS
The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the...
7.5AI Score
0.129EPSS