Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack
Vulnerability Description
XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack. In the case (stackptr == stacksize - 1), the stack will NOT be expanded. Then the new value will be written at location (++stackptr), which equals stacksize and therefore falls just outside the allocated buffer. The bug can be observed when parsing an XML file with very deep element nesting
CVSS Information
N/A
Vulnerability Type
Off-by-one错误
Vulnerability Title
XML::Parser 安全漏洞
Vulnerability Description
XML::Parser是CPAN Authors开源的一个Perl语言的XML文档解析模块。 XML::Parser 2.47及之前版本存在安全漏洞,该漏洞源于st_serial_stack存在差一错误堆缓冲区溢出,可能导致解析深度嵌套XML文件时写入已分配缓冲区之外。
CVSS Information
N/A
Vulnerability Type
N/A