{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2006-10002", "assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "state": "PUBLISHED", "assignerShortName": "CPANSec", "dateReserved": "2026-03-16T22:47:45.685Z", "datePublished": "2026-03-19T11:03:46.888Z", "dateUpdated": "2026-04-29T14:36:41.837Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://cpan.org/modules", "defaultStatus": "unaffected", "packageName": "XML-Parser", "product": "XML::Parser", "programFiles": ["Expat.xs"], "programRoutines": [{"name": "parse_stream"}], "repo": "http://github.com/toddr/XML-Parser", "vendor": "TODDR", "versions": [{"lessThanOrEqual": "2.45", "status": "affected", "version": "0", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "XML::Parser versions through 2.45 for Perl could overflow the pre-allocated buffer size cause a heap corruption (double free or corruption) and crashes.\n\nA :utf8 PerlIO layer, parse_stream() in Expat.xs could overflow the XML input buffer because Perl's read() returns decoded characters while SvPV() gives back multi-byte UTF-8 bytes that can exceed the pre-allocated buffer size. This can cause heap corruption (double free or corruption) and crashes."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-176", "description": "CWE-176 Improper Handling of Unicode Encoding", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "shortName": "CPANSec", "dateUpdated": "2026-03-21T11:43:43.607Z"}, "references": [{"tags": ["issue-tracking"], "url": "https://rt.cpan.org/Ticket/Display.html?id=19859"}, {"tags": ["issue-tracking"], "url": "https://github.com/cpan-authors/XML-Parser/issues/64"}, {"tags": ["release-notes"], "url": "https://metacpan.org/release/TODDR/XML-Parser-2.46/changes"}, {"tags": ["patch"], "url": "https://github.com/cpan-authors/XML-Parser/commit/56b0509dfc6b559cd7555ea81ee62e3622069255.patch"}], "solutions": [{"lang": "en", "value": "Apply the patch that has been publicly available since 2006-06-13 or upgrade to version 2.46 or later."}], "source": {"discovery": "UNKNOWN"}, "timeline": [{"lang": "en", "time": "2006-06-13T00:00:00.000Z", "value": "Issue logged in Request Tracker for XML::Parser"}, {"lang": "en", "time": "2006-08-11T00:00:00.000Z", "value": "Patch provided in Request Tracker for XML::Parser"}, {"lang": "en", "time": "2019-09-24T00:00:00.000Z", "value": "Issue migrated to github issue tracker"}, {"lang": "en", "time": "2019-09-24T00:00:00.000Z", "value": "Patch provided in github issue tracker"}, {"lang": "en", "time": "2019-09-24T00:00:00.000Z", "value": "Included in release 2.46 released to CPAN"}], "title": "XML::Parser versions through 2.45 for Perl could overflow the pre-allocated buffer size cause a heap corruption (double free or corruption) and crashes", "workarounds": [{"lang": "en", "value": "Apply the patch that has been publicly available since 2006-06-13."}], "x_generator": {"engine": "cpansec-cna-tool 0.1"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-19T17:11:03.634936Z", "id": "CVE-2006-10002", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-29T14:36:41.837Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/03/19/1"}, {"url": "http://www.openwall.com/lists/oss-security/2026/03/22/3"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-03-22T23:06:42.361Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/03/19/1"}, {"url": "http://www.openwall.com/lists/oss-security/2026/03/22/3"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-03-22T23:06:42.361Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2006-10002", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-19T17:11:03.634936Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-19T17:11:22.535Z"}}], "cna": {"title": "XML::Parser versions through 2.45 for Perl could overflow the pre-allocated buffer size cause a heap corruption (double free or corruption) and crashes", "source": {"discovery": "UNKNOWN"}, "affected": [{"repo": "http://github.com/toddr/XML-Parser", "vendor": "TODDR", "product": "XML::Parser", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "2.45"}], "packageName": "XML-Parser", "programFiles": ["Expat.xs"], "collectionURL": "https://cpan.org/modules", "defaultStatus": "unaffected", "programRoutines": [{"name": "parse_stream"}]}], "timeline": [{"lang": "en", "time": "2006-06-13T00:00:00.000Z", "value": "Issue logged in Request Tracker for XML::Parser"}, {"lang": "en", "time": "2006-08-11T00:00:00.000Z", "value": "Patch provided in Request Tracker for XML::Parser"}, {"lang": "en", "time": "2019-09-24T00:00:00.000Z", "value": "Issue migrated to github issue tracker"}, {"lang": "en", "time": "2019-09-24T00:00:00.000Z", "value": "Patch provided in github issue tracker"}, {"lang": "en", "time": "2019-09-24T00:00:00.000Z", "value": "Included in release 2.46 released to CPAN"}], "solutions": [{"lang": "en", "value": "Apply the patch that has been publicly available since 2006-06-13 or upgrade to version 2.46 or later."}], "references": [{"url": "https://rt.cpan.org/Ticket/Display.html?id=19859", "tags": ["issue-tracking"]}, {"url": "https://github.com/cpan-authors/XML-Parser/issues/64", "tags": ["issue-tracking"]}, {"url": "https://metacpan.org/release/TODDR/XML-Parser-2.46/changes", "tags": ["release-notes"]}, {"url": "https://github.com/cpan-authors/XML-Parser/commit/56b0509dfc6b559cd7555ea81ee62e3622069255.patch", "tags": ["patch"]}], "workarounds": [{"lang": "en", "value": "Apply the patch that has been publicly available since 2006-06-13."}], "x_generator": {"engine": "cpansec-cna-tool 0.1"}, "descriptions": [{"lang": "en", "value": "XML::Parser versions through 2.45 for Perl could overflow the pre-allocated buffer size cause a heap corruption (double free or corruption) and crashes.\n\nA :utf8 PerlIO layer, parse_stream() in Expat.xs could overflow the XML input buffer because Perl's read() returns decoded characters while SvPV() gives back multi-byte UTF-8 bytes that can exceed the pre-allocated buffer size. This can cause heap corruption (double free or corruption) and crashes."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-176", "description": "CWE-176 Improper Handling of Unicode Encoding"}]}], "providerMetadata": {"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "shortName": "CPANSec", "dateUpdated": "2026-03-21T11:43:43.607Z"}}}, "cveMetadata": {"cveId": "CVE-2006-10002", "state": "PUBLISHED", "dateUpdated": "2026-04-29T14:36:41.837Z", "dateReserved": "2026-03-16T22:47:45.685Z", "assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "datePublished": "2026-03-19T11:03:46.888Z", "assignerShortName": "CPANSec"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:toddr:xml\\:\\:parser:*:*:*:*:*:perl:*:*", "matchCriteriaId": "11A15992-D3C4-4604-88DF-DF2E7872FEFD", "versionEndExcluding": "2.48", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "XML::Parser versions through 2.45 for Perl could overflow the pre-allocated buffer size cause a heap corruption (double free or corruption) and crashes.\n\nA :utf8 PerlIO layer, parse_stream() in Expat.xs could overflow the XML input buffer because Perl's read() returns decoded characters while SvPV() gives back multi-byte UTF-8 bytes that can exceed the pre-allocated buffer size. This can cause heap corruption (double free or corruption) and crashes."}], "id": "CVE-2006-10002", "lastModified": "2026-03-23T00:16:47.833", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-19T12:16:16.120", "references": [{"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "url": "https://github.com/cpan-authors/XML-Parser/commit/56b0509dfc6b559cd7555ea81ee62e3622069255.patch"}, {"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "tags": ["Issue Tracking"], "url": "https://github.com/cpan-authors/XML-Parser/issues/64"}, {"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "url": "https://metacpan.org/release/TODDR/XML-Parser-2.46/changes"}, {"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "tags": ["Mailing List"], "url": "https://rt.cpan.org/Ticket/Display.html?id=19859"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2026/03/19/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2026/03/22/3"}], "sourceIdentifier": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}, {"lang": "en", "value": "CWE-176"}], "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "type": "Secondary"}]}

{"bugzilla": {"description": "perl-xml-parser: XML::Parser for Perl: Heap corruption and denial of service from crafted XML input", "id": "2449001", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449001"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-131", "details": ["A flaw was found in XML::Parser for Perl. This vulnerability allows an attacker to cause a heap corruption, which can lead to a denial of service (DoS) by crashing the application. The issue occurs when the software processes specially crafted XML input, causing an internal buffer to overflow. This overflow can corrupt memory, leading to instability and application termination."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2006-10002", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "perl-XML-Parser", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Fix deferred", "package_name": "perl-XML-Parser", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "perl-XML-Parser", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "perl-XML-Parser", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "perl-XML-Parser", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-19T11:03:46Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2006-10002\nhttps://nvd.nist.gov/vuln/detail/CVE-2006-10002\nhttps://github.com/cpan-authors/XML-Parser/commit/6b291f4d260fc124a6ec80382b87a918f372bc6b.patch\nhttps://github.com/cpan-authors/XML-Parser/issues/64\nhttps://rt.cpan.org/Ticket/Display.html?id=19859"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,2.47]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "XML::Parser", "source": "cna", "vendor": "TODDR"}, "product": "xml::parser", "vendor": "toddr"}], "analysis": {"en": {"generated_at": "2026-03-21T13:20:48.809497+00:00", "value": {"mitigation_remediation": ["Upgrade XML::Parser to version 2.46 or later", "If an upgrade is not feasible, apply the public patch available since 2006-06-13", "Verify that any XML data processed by the application originates from trusted sources and is validated before parsing"], "summary": {"action": "Immediate Patch", "impact": "Heap corruption leading to crashes and potential denial of service"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the XML::Parser module from the TODDR project, specifically versions 2.45 and earlier. It impacts any Perl installation that uses this library to parse XML streams, regardless of the underlying operating system or environment. The product is identified by the CPE as a Perl module for XML parsing.", "description_and_impact": "The flaw exists in Perl's XML::Parser up to version 2.45, where the decoded characters returned by Perl's read() do not match the raw UTF\u20118 bytes held by SvPV(). This mismatch allows parse_stream() to overrun its allocated buffer, corrupting the heap and causing a double free or other memory corruption. The resulting crashes are a classic buffer\u2011overflow problem classified under CWE\u2011122, CWE\u2011131, and CWE\u2011176, with a CVSS score of 9.8 that signals a critical risk to confidentiality, integrity, and availability.", "risk_and_exploitability": "The CVSS rating of 9.8 highlights a severe denial\u2011of\u2011service potential. EPSS indicates the likelihood of exploitation is below 1%, and the vulnerability is not listed in the CISA KEV catalog, suggesting no widespread exploitation has been documented. Based on the description, it is inferred that the attack vector involves delivering specially crafted XML input to the parse_stream() call, which is commonly exposed in Perl applications that accept external XML. An attacker with access to such input could trigger the heap corruption and cause the consuming process to crash, potentially affecting services or systems running with elevated privileges. The overall risk is high, though the current probability of exploitation remains low."}}}}, "created": "2026-03-20T08:56:56.869759+00:00", "updated": "2026-03-25T11:55:19.645976+00:00", "vendors": ["toddr", "toddr$PRODUCT$xml::parser"]}