Important: Red Hat Security Advisory: perl-XML-Parser security update

An update for perl-XML-Parser is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

perl-xml-parser: XML::Parser for Perl: Heap corruption and denial of service from crafted XML input

A flaw was found in XML::Parser for Perl. This vulnerability allows an attacker to cause a heap corruption, which can lead to a denial of service DoS by crashing the application. The issue occurs when the software processes specially crafted XML input, causing an internal buffer to overflow. This...

Important: Red Hat Security Advisory: perl-XML-Parser security update

An update for perl-XML-Parser is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

perl-xml-parser: XML::Parser for Perl: Heap corruption and denial of service from crafted XML input

A flaw was found in XML::Parser for Perl. This vulnerability allows an attacker to cause a heap corruption, which can lead to a denial of service DoS by crashing the application. The issue occurs when the software processes specially crafted XML input, causing an internal buffer to overflow. This...

perl-xml-parser: XML::Parser for Perl: Heap corruption and denial of service from crafted XML input

A flaw was found in XML::Parser for Perl. This vulnerability allows an attacker to cause a heap corruption, which can lead to a denial of service DoS by crashing the application. The issue occurs when the software processes specially crafted XML input, causing an internal buffer to overflow. This...

Important: Red Hat Security Advisory: perl-XML-Parser security update

An update for perl-XML-Parser is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

RHSA-2026:9110 Red Hat Security Advisory: perl-XML-Parser security update

Bulletin has no description...

RHEL 10 : perl-XML-Parser (RHSA-2026:9110)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:9110 advisory. This module provides ways to parse XML documents. It is built on top of XML::Parser::Expat, which is a lower level interface to James Clark...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007049)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007049 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Limit access to parser-buffer when tracegetuser failed When the length of the string...

libXpm -- Out-of-bounds read in xpmNextWord()

The X.Org project reports: libXpm uses a number of internal helper functions to parse the XPM file format. One of these internal functions, xpmNextString, checks for the NULL terminator when looking for the end of the current string but not when looking for the beginning of the next string. A sma...

PT-2026-46970

Name of the Vulnerable Software and Affected Versions 7-Zip versions 9.21 through 26.00 Description An uninitialized memory disclosure exists in the UEFI capsule .scap parser. The OpenCapsule function allocates a heap buffer based on an attacker-declared CapsuleImageSize up to 1 GiB without...

RHEL 9 : perl-XML-Parser (RHSA-2026:9258)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:9258 advisory. This module provides ways to parse XML documents. It is built on top of XML::Parser::Expat, which is a lower level interface to James Clark'...

RHEL 9 : perl-XML-Parser (RHSA-2026:9246)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:9246 advisory. This module provides ways to parse XML documents. It is built on top of XML::Parser::Expat, which is a lower level interface to James Clark'...

FreeBSD : ejabberd -- Potential DDoS in XML Parser (82064ab5-3d76-11f1-89ab-901b0e9408dc)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 82064ab5-3d76-11f1-89ab-901b0e9408dc advisory. ejabberd team reports: This release adds new options that limit max memory used by XML parser used to...

RHEL 9 : perl-XML-Parser (RHSA-2026:9259)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:9259 advisory. This module provides ways to parse XML documents. It is built on top of XML::Parser::Expat, which is a lower level interface to James Clark'...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011088)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011088 advisory. In the Linux kernel, the following vulnerability has been resolved: can: kvaserusb: leaf: Fix potential infinite loop in command parsers The kvaserusbleafwaitcmd and...

Security update for python-Django (important)

openSUSE security update: security update for python-django ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20578-1 Rating: important References: bsc1261722 bsc1261724 bsc1261729 bsc1261731 bsc1261732 Cross-References: CVE-2026-33033 CVE-2026-33034...

perl-xml-parser: XML::Parser for Perl: Heap corruption and denial of service from crafted XML input

A flaw was found in XML::Parser for Perl. This vulnerability allows an attacker to cause a heap corruption, which can lead to a denial of service DoS by crashing the application. The issue occurs when the software processes specially crafted XML input, causing an internal buffer to overflow. This...

Important: Red Hat Security Advisory: perl-XML-Parser security update

An update for perl-XML-Parser is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2026-40324

Hot Chocolate is an open-source GraphQL server. Prior to versions 12.22.7, 13.9.16, 14.3.1, and 15.1.14, Hot Chocolate's recursive descent parser Utf8GraphQLParser has no recursion depth limit. A crafted GraphQL document with deeply nested selection sets, object values, list values, or list types...