CVE-2026-57073 in HTML::Bareinformação

Sumário

de MITRE • 16/07/2026

HTML::Bare versions through 0.04 for Perl have an unbounded character lookahead.

The parserc_parse function attempts to check for multicharacter strings such as "<![CDATA" or element terminators such as ">" without checking that the offsets are within the buffer.

Truncated strings such as "<a/" can trigger an out-of-bounds read.

Note that the latest version available on CPAN is version 0.02. Newer versions are available on the git repository.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Responsável

CPANSec

Reservar

23/06/2026

Divulgação

16/07/2026

Moderação

aceite

Entrada

VDB-379596

CPE

pronto

EPSS

0.00000

KEV

não

Atividades

baixo

Fontes

Might our Artificial Intelligence support you?

Check our Alexa App!