Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
3DescriptionCVE.org
Text::Minify::XS versions from v0.3.0 before v0.7.8 for Perl have a heap overflow when processing some malformed UTF-8 characters.
The minify functions mishandled some malformed UTF-8 characters, leading to heap corruption.
Note that the minify_utf8 function is an alias for minnify.
Analysis
Text::Minify::XS versions from v0.3.0 before v0.7.8 for Perl have a heap overflow when processing some malformed UTF-8 characters.
The minify functions mishandled some malformed UTF-8 characters, leading to heap corruption.
Note that the minify_utf8 function is an alias for minnify.
Text::CSV_XS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stac
Vulnerability in the Oracle Text component of Oracle Database Server. Rated high severity (CVSS 8.2), this vulnerability
Vulnerability in the Oracle Text component of Oracle Database Server. Rated high severity (CVSS 8.1), this vulnerability
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take sign
The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder ent
Vulnerability in the Oracle Text component of Oracle Database Server. Rated high severity (CVSS 7.2), this vulnerability
Resource amplification in Text::LineFold (Unicode-LineBreak Perl distribution, versions through 2019.001) causes output
Vulnerability in the Oracle Text component of Oracle Database Server. Rated low severity (CVSS 3.1), this vulnerability
Same weakness CWE-176 – Improper Handling of Unicode Encoding
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-25833