17753 matches found
PT-2026-60771
Name of the Vulnerable Software and Affected Versions libpvestorage-perl version 9.1.1 libpve-storage-perl version 8.3.7 Description An XML External Entity XXE flaw exists in the storage Perl components of Proxmox VE. This issue stems from insecure XML parsing caused by improper parser...
UBUNTU-CVE-2026-57074
XML::Bare versions through 0.53 for Perl have an unbounded character lookahead. The parsercparse function attempts to check for multicharacter strings such as "" without checking that the offsets are within the buffer. Truncated strings such as "a/" can trigger an out-of-bounds read...
CVE-2026-57075
YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via a signed-char lookup-table index in syckbase64dec. The base64 decoder in the bundled libsyck indexes the 256-entry static table b64xtable with a signed char, so any !!binary byte = 0x80 sign-extends to a negative index and...
CVE-2026-57076
YAML::Syck versions before 1.47 for Perl allow a heap use-after-free via an anchor name reused as an anchors-table key in syckhdlraddanchor. In the bundled libsyck an anchor name allocated by syckstrndup is stored both as node-anchor, freed when the node is freed, and as the key in the parser's...
CVE-2026-57077 YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via an unbounded newline scan in newline_len
YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via an unbounded newline scan in newlinelen. In the bundled libsyck newlinelen and isnewline dereference the scan pointer, and the following byte for a "\r\n" pair, with no NUL-terminator or bounds check. During block-scalar...
CVE-2026-57077
Affected software: YAML::Syck (Perl) before version 1.47. Vulnerability: out-of-bounds read via an unbounded newline scan in newline_len during block-scalar lexing at a document boundary, dereferencing scan pointers and the following byte of a "\r\n" pair without a NUL-terminator or bounds check....
CVE-2026-57077 YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via an unbounded newline scan in newline_len
YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via an unbounded newline scan in newlinelen. In the bundled libsyck newlinelen and isnewline dereference the scan pointer, and the following byte for a "\r\n" pair, with no NUL-terminator or bounds check. During block-scalar...
CVE-2026-57076 YAML::Syck versions before 1.47 for Perl allow a heap use-after-free via an anchor name reused as an anchors-table key in syck_hdlr_add_anchor
YAML::Syck versions before 1.47 for Perl allow a heap use-after-free via an anchor name reused as an anchors-table key in syckhdlraddanchor. In the bundled libsyck an anchor name allocated by syckstrndup is stored both as node-anchor, freed when the node is freed, and as the key in the parser's...
CVE-2026-57076 YAML::Syck versions before 1.47 for Perl allow a heap use-after-free via an anchor name reused as an anchors-table key in syck_hdlr_add_anchor
YAML::Syck versions before 1.47 for Perl allow a heap use-after-free via an anchor name reused as an anchors-table key in syckhdlraddanchor. In the bundled libsyck an anchor name allocated by syckstrndup is stored both as node-anchor, freed when the node is freed, and as the key in the parser's...
CVE-2026-57075 YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via a signed-char lookup-table index in syck_base64dec
YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via a signed-char lookup-table index in syckbase64dec. The base64 decoder in the bundled libsyck indexes the 256-entry static table b64xtable with a signed char, so any !!binary byte = 0x80 sign-extends to a negative index and...
CVE-2026-57075
CVE-2026-57075 affects YAML::Syck before 1.47 for Perl. The base64 decoder syck_base64dec indexes a 256-entry table with a signed char, so any !!binary byte >= 0x80 sign-extends to a negative index and causes an out-of-bounds read from the table, leading to information exposure if a crafted YA...
CVE-2026-57075 YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via a signed-char lookup-table index in syck_base64dec
YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via a signed-char lookup-table index in syckbase64dec. The base64 decoder in the bundled libsyck indexes the 256-entry static table b64xtable with a signed char, so any !!binary byte = 0x80 sign-extends to a negative index and...
CVE-2026-13713 YAML::Syck versions before 1.47 for Perl allow a use-after-free and double-free via an anchor node freed while still on the parser value stack
YAML::Syck versions before 1.47 for Perl allow a use-after-free and double-free via an anchor node freed while still on the parser value stack. In the bundled libsyck, when an anchor name is redefined or removed, syckhdlraddanchor and syckhdlrremoveanchor free the node stored under that name with...
CVE-2026-13713
CVE-2026-13713 affects YAML::Syck versions before 1.47 (Perl). A use-after-free and double-free occurs when an anchor is redefined while still on the parser value stack, due to how syck_hdlr_add_anchor and syck_hdlr_remove_anchor free the node. The freed node may still be live on the value stack,...
CVE-2026-13713 YAML::Syck versions before 1.47 for Perl allow a use-after-free and double-free via an anchor node freed while still on the parser value stack
YAML::Syck versions before 1.47 for Perl allow a use-after-free and double-free via an anchor node freed while still on the parser value stack. In the bundled libsyck, when an anchor name is redefined or removed, syckhdlraddanchor and syckhdlrremoveanchor free the node stored under that name with...
CVE-2026-13401
XML::Bare versions through 0.53 for Perl will hang in an infinite loop when parsing malformed attributes. The parsercparse function never advances the attribute-parse state cursor on certain malformed attribute forms, looping forever. Nameless attributes such as "" or unbalanced quotes "" can...
CVE-2026-13397
HTML::Bare versions through 0.04 for Perl will hang in an infinite loop when parsing malformed attributes. The parsercparse function never advances the attribute-parse state cursor on certain malformed attribute forms, looping forever. Nameless attributes such as "" or unbalanced quotes "" can...
CVE-2026-3031 Image::EPEG versions through 0.15 for Perl embeds an unsupported version of the Epeg library
Image::EPEG versions through 0.15 for Perl embeds an unsupported version of the Epeg library. Image::EPEG includes Epeg 0.9.0 that was last updated in 2004. Epeg is a fast JPEG thumbnail library that was once part of the Englightenment Project...
CVE-2026-3031
CVE-2026-3031 concerns Image::EPEG for Perl, which bundles an outdated Epeg library (Epeg 0.9.0, last updated 2004) and includes through version 0.15. Root cause is embedding an unsupported version of Epeg; affected component is Image::EPEG (Perl). CVSS3.1 base score is 9.8 with CRITICAL impact (...
CVE-2026-57074 XML::Bare versions through 0.53 for Perl have an unbounded character lookahead
XML::Bare versions through 0.53 for Perl have an unbounded character lookahead. The parsercparse function attempts to check for multicharacter strings such as "" without checking that the offsets are within the buffer. Truncated strings such as "a/" can trigger an out-of-bounds read...