VDB
GHSA-x2wr-f89p-cqwh
GHSA-x2wr-f89p-cqwh
PUBLISHED
CVSS 9.800000190734863 CRITICAL
XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack. In the case (stackptr == stacksize - 1), the stack will NOT be expanded. Then the new value will be written at location (++stackptr), which equals stacksize and therefore falls just outside the allocated buffer. The bug can be observed when parsing an XML file with very deep element nesting
Risk Scores
CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Timeline
- Mar 19, 2026 CVE Published
- Apr 4, 2026 CVE Updated
- Apr 10, 2026 Security Advisory
References
- https://nvd.nist.gov/vuln/detail/CVE-2006-10003 advisory
- https://rt.cpan.org/Ticket/Display.html?id=19860 url
- http://www.openwall.com/lists/oss-security/2026/03/19/2 url
- https://github.com/cpan-authors/XML-Parser/issues/39 discussion
- https://github.com/cpan-authors/XML-Parser/commit/3eb9cc95420fa0c3f76947c4708962546bf27cfd.patch fix
- https://lists.debian.org/debian-lts-announce/2026/04/msg00002.html advisory