Important: Red Hat Security Advisory: perl-XML-Parser security update

An update for perl-XML-Parser is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

Important: Red Hat Security Advisory: perl-XML-Parser security update

An update for perl-XML-Parser is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

perl-xml-parser: XML::Parser for Perl: Heap corruption and denial of service from crafted XML input

A flaw was found in XML::Parser for Perl. This vulnerability allows an attacker to cause a heap corruption, which can lead to a denial of service DoS by crashing the application. The issue occurs when the software processes specially crafted XML input, causing an internal buffer to overflow. This...

Important: Red Hat Security Advisory: perl-XML-Parser security update

An update for perl-XML-Parser is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

ALSA-2026:7681 Important: perl-XML-Parser security update

This module provides ways to parse XML documents. It is built on top of XML::Parser::Expat, which is a lower level interface to James Clark's expat library. Each call to one of the parsing methods creates a new instance of XML::Parser::Expat which is then used to parse the document. Expat options...

Important: perl-XML-Parser security update

This module provides ways to parse XML documents. It is built on top of XML::Parser::Expat, which is a lower level interface to James Clark's expat library. Each call to one of the parsing methods creates a new instance of XML::Parser::Expat which is then used to parse the document. Expat options...

SUSE: Security Advisory (SUSE-SU-2026:20993-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

perl-XML-Parser security update

2.47-6.1.0.1 - Add perlLWP Requires 2.47-6.1 - Fix CVE-2006-10002, CVE-2006-10003...

Amazon Linux 2023 : perl-XML-Parser, perl-XML-Parser-tests (ALAS2023-2026-1536)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1536 advisory. XML::Parser versions through 2.47 for Perl could overflow the pre-allocated buffer size cause a heap corruption double free or corruption and crashes. A :utf8 PerlIO layer, parsestream in...

Oracle Linux 9 : perl-XML-Parser (ELSA-2026-7679)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-7679 advisory. 2.46-9.1.0.1 - Add perlLWP, perlURI, perlURI::file Requires 2.46-9.1 - Fix CVE-2006-10002, CVE-2006-10003 Tenable has extracted the preceding descripti...

RHEL 9 : perl-XML-Parser (RHSA-2026:7679)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:7679 advisory. This module provides ways to parse XML documents. It is built on top of XML::Parser::Expat, which is a lower level interface to James Clark'...

perl-XML-Parser security update

2.46-9.1.0.1 - Add perlLWP, perlURI, perlURI::file Requires 2.46-9.1 - Fix CVE-2006-10002, CVE-2006-10003...

RHEL 10 : perl-XML-Parser (RHSA-2026:7680)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:7680 advisory. This module provides ways to parse XML documents. It is built on top of XML::Parser::Expat, which is a lower level interface to James Clark...

ALSA-2026:7679 Important: perl-XML-Parser security update

This module provides ways to parse XML documents. It is built on top of XML::Parser::Expat, which is a lower level interface to James Clark's expat library. Each call to one of the parsing methods creates a new instance of XML::Parser::Expat which is then used to parse the document. Expat options...

Oracle Linux 10 : perl-XML-Parser (ELSA-2026-7680)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-7680 advisory. 2.47-6.1.0.1 - Add perlLWP Requires 2.47-6.1 - Fix CVE-2006-10002, CVE-2006-10003 Tenable has extracted the preceding description block directly from...

ALSA-2026:7680 Important: perl-XML-Parser security update

This module provides ways to parse XML documents. It is built on top of XML::Parser::Expat, which is a lower level interface to James Clark's expat library. Each call to one of the parsing methods creates a new instance of XML::Parser::Expat which is then used to parse the document. Expat options...

RHEL 8 : perl-XML-Parser (RHSA-2026:7681)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:7681 advisory. This module provides ways to parse XML documents. It is built on top of XML::Parser::Expat, which is a lower level interface to James Clark'...

Important: perl-XML-Parser

Issue Overview: XML::Parser versions through 2.47 for Perl could overflow the pre-allocated buffer size cause a heap corruption double free or corruption and crashes. A :utf8 PerlIO layer, parsestream in Expat.xs could overflow the XML input buffer because Perl's read returns decoded characters...

perl-XML-Parser-2.570.0-1.1 on GA media (moderate)

perl-XML-Parser-2.570.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10527-1 Rating: moderate Cross-References: CVE-2006-10002 CVE-2006-10003 CVSS scores: CVE-2006-10002 SUSE : 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H CVE-2006-10002 SUSE : 8.8...

CVE-2026-34479

The Log4j1XmlLayout from the Apache Log4j 1-to-Log4j 2 bridge fails to escape characters forbidden by the XML 1.0 standard, producing malformed XML output. Conforming XML parsers are required to reject documents containing such characters with a fatal error, which may cause downstream log...