Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Ubuntu 25.10 libxml-parser-perl Medium Denial of Service USN-8174-1

ubuntu
Calendar Grey April 14, 2026
Dist Ubuntu Esm H88
Multiple issues fixed in libxml-parser-perl for Ubuntu affecting several versions. Update recommended to prevent exploits.
Several security issues were fixed in XML::Parser.

Summary

Several security issues were fixed in XML::Parser.

Software Description:

- libxml-parser-perl: Perl module for parsing XML files

Details:

It was discovered that XML::Parser incorrectly handled certain multi-byte

UTF-8 characters. If a user or automated system were tricked into

processing specially crafted XML data, a remote attacker could use this

issue to cause XML::Parser to crash, resulting in a denial of service or to

possibly execute arbitrary code. (CVE-2006-10002)

It was discovered that XML::Parser incorrectly handled very deep element

nesting. If a user or automated system were tricked into processing

specially crafted XML data, a remote attacker could use this issue to cause

XML::Parser to crash, resulting in a denial of service or to possibly

execute arbitrary code (CVE-2006-10002)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  libxml-parser-perl              2.47-1ubuntu0.25.10.1

Ubuntu 24.04 LTS
  libxml-parser-perl              2.47-1ubuntu0.24.04.1

Ubuntu 22.04 LTS
  libxml-parser-perl              2.46-3ubuntu0.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8174-1

CVE-2006-10002, CVE-2006-10003

Severity
medium
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8174-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here