Filtered by vendor Xml\
Subscriptions
Filtered by product \
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-40934 | 2 Perl, Xml\ | 2 Xml::sig, \ | 2025-12-30 | 9.3 Critical |
| XML-Sig versions 0.27 through 0.67 for Perl incorrectly validates XML files if signatures are omitted. An attacker can remove the signature from the XML document to make it pass the verification check. XML-Sig is a Perl module to validate signatures on XML files. An unsigned XML file should return an error message. The affected versions return true when attempting to validate an XML file that contains no signatures. | ||||
| CVE-2012-1102 | 1 Xml\ | 1 \ | 2024-11-21 | 7.5 High |
| It was discovered that the XML::Atom Perl module before version 0.39 did not disable external entities when parsing XML from potentially untrusted sources. This may allow attackers to gain read access to otherwise protected resources, depending on how the library is used. | ||||
Page 1 of 1.