CVE-2026-14741
HTTP::Date versions before 6.08 for Perl allow CPU exhaustion via polynomial regex backtracking in parsedate. parsedate matches the date string against a chain of alternative regexes, and str2time delegates to it. Several of these patterns place unbounded quantifiers next to each other before a...