[Git][security-tracker-team/security-tracker][master] Add CVE-2026-8177/libxml-libxml-perl

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3faf56f2 by Salvatore Bonaccorso at 2026-05-11T13:48:01+02:00
Add CVE-2026-8177/libxml-libxml-perl

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -57,7 +57,10 @@ CVE-2026-8249 (A flaw has been found in Open5GS up to 2.7.7. The impacted elemen
 CVE-2026-8248 (A vulnerability was detected in Open5GS up to 2.7.7. The affected elem ...)
 	- open5gs <itp> (bug #1094791)
 CVE-2026-8177 (XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap m ...)
-	TODO: check
+	- libxml-libxml-perl <unfixed>
+	NOTE: https://lists.security.metacpan.org/cve-announce/msg/39920366/
+	NOTE: https://github.com/cpan-authors/XML-LibXML/issues/146
+	NOTE: Fixed by: https://github.com/cpan-authors/XML-LibXML/commit/15652bd905a6c9dda59a81b14d4766adbbae2ea8
 CVE-2026-6433 (The Custom css-js-php WordPress plugin through 2.0.7 does not properly ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-45191 (Net::CIDR::Lite versions before 0.24 for Perl does not properly consid ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3faf56f23dad9610355a2355b6991e80f8575d0f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3faf56f23dad9610355a2355b6991e80f8575d0f
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260511/97861417/attachment.htm>