4 matches found
UBUNTU-CVE-2025-15646
HTML::Gumbo versions before 0.19 for Perl disclose heap memory via type confusion. Support for the element was added to libgumbo 0.10.0 in 2015, but the walktree function in lib/HTML/Gumbo.xs was not updated to support it. The element was treated as a text-node, where strlen over-reads the heap...
CVE-2025-15646 HTML::Gumbo versions before 0.19 for Perl disclose heap memory via type confusion
HTML::Gumbo versions before 0.19 for Perl disclose heap memory via type confusion. Support for the element was added to libgumbo 0.10.0 in 2015, but the walktree function in lib/HTML/Gumbo.xs was not updated to support it. The element was treated as a text-node, where strlen over-reads the heap...
CVE-2025-15646
HTML::Gumbo for Perl before 0.19 is vulnerable to heap memory disclosure via type confusion when parsing documents containing a element. The issue arises because libgumbo’s walk_tree was not updated to support , causing the element to be treated as a text node and enabling strlen() over-read of ...
Linux Distros Unpatched Vulnerability : CVE-2025-15646
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTML::Gumbo versions before 0.19 for Perl disclose heap memory via type confusion. Support for the element was added to libgumbo 0.10.0 in 2015, but the walktre...