🔴 Critical | CVE-2025-15646 — HTML::Gumbo versions before 0.19 for Perl disclose...
🔴 Critical security vulnerability: CVE-2025-15646
CVSS score: Critical (9.8) Status: Received Published: 2026-07-01
Description
HTML::Gumbo versions before 0.19 for Perl disclose heap memory via type confusion.
Support for the element was added to libgumbo 0.10.0 in 2015, but the walk_tree function in lib/HTML/Gumbo.xs was never updated to handle the new node type. A node of that type falls into the text-node path: the walker calls strlen() on the pointer it finds where a text node keeps its string, but for this node type that pointer does not address a NUL-terminated string, so strlen() reads past the end of the heap block the pointer points into (type confusion, CWE-843, leading to an out-of-bounds read, CWE-125).
Any caller that runs parse() with the default format => 'string', or with format => 'tree', on input containing such an element serializes the over-read bytes into the returned result, disclosing a bounded amount of heap contents to whoever receives that output. format => 'callback' reaches a croak on the unhandled node type and is unaffected. The fix is to upgrade to HTML::Gumbo 0.19 or later; until then, parsing untrusted HTML with the string or tree format should be avoided.
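The root cause is a tree walker whose dispatch on the node tag is not exhaustive, so a kind it does not know is handled as text. The following C program is an added illustration of that pattern and is not code from HTML::Gumbo or libgumbo: the node types, field names and the walker functions walk_vuln and walk_fixed are invented for the example, and the input tree is constructed in the block. A NULL sentinel after the child pointer keeps the confused strlen() inside the array, so the demo itself never reads past an allocation; what it shows is that the bytes emitted are a prefix of a raw pointer, not the element's content.

```c
#include <stdio.h>
#include <string.h>

/* Illustrative tree model, NOT libgumbo's real types: a tagged union in which
 * NODE_TEMPLATE was added to the enum after the walker was written. */
typedef enum { NODE_TEXT, NODE_ELEMENT, NODE_TEMPLATE } node_type;

typedef struct node node;
typedef struct { node **data; size_t len; } node_list;

struct node {
    node_type type;
    union {
        const char *text;    /* valid only for NODE_TEXT */
        node_list  children; /* NODE_ELEMENT and NODE_TEMPLATE: first word is a pointer */
    } v;
};

/* Bounded append into the caller's output buffer; -1 once it is full. */
static long append(char *out, size_t cap, long used, const char *s, size_t n) {
    if (used < 0 || n > cap - (size_t)used) return -1;
    memcpy(out + used, s, n);
    return used + (long)n;
}

/* Vulnerable walker: elements recurse, every other kind is treated as text.
 * For NODE_TEMPLATE, v.text is the same storage as v.children.data, so strlen()
 * runs over the child-pointer array until it meets a zero byte. */
static long walk_vuln(const node *n, char *out, size_t cap, long used) {
    if (n->type == NODE_ELEMENT) {
        for (size_t i = 0; i < n->v.children.len && used >= 0; i++)
            used = walk_vuln(n->v.children.data[i], out, cap, used);
        return used;
    }
    const char *s = n->v.text; /* type confusion for anything but NODE_TEXT */
    return append(out, cap, used, s, strlen(s));
}

/* Hardened walker: exhaustive dispatch on the tag; an unhandled kind is refused
 * (the analogue of the croak the callback format reaches) instead of being
 * guessed to be text. Walking template content as children is this example's
 * choice; the advisory does not say how 0.19 serializes it. */
static long walk_fixed(const node *n, char *out, size_t cap, long used) {
    switch (n->type) {
    case NODE_TEXT:
        return append(out, cap, used, n->v.text, strlen(n->v.text));
    case NODE_ELEMENT:
    case NODE_TEMPLATE:
        for (size_t i = 0; i < n->v.children.len && used >= 0; i++)
            used = walk_fixed(n->v.children.data[i], out, cap, used);
        return used;
    default:
        return -1;
    }
}

/* Constructed input: a template node with one text child. The trailing NULL
 * sentinel keeps the confused strlen() inside this array. */
static node  text_child  = { NODE_TEXT, { .text = "inside template" } };
static node *tmpl_kids[] = { &text_child, NULL };
static node  tmpl        = { NODE_TEMPLATE, { .children = { tmpl_kids, 1 } } };

static char leak_buf[64];

/* Bytes the vulnerable walker emits for the template: a prefix of the raw
 * pointer to text_child (an address leak), never the child's text. */
long leak_len(void) {
    return walk_vuln(&tmpl, leak_buf, sizeof leak_buf, 0);
}

int leak_is_pointer_bytes(void) {
    long n = leak_len();
    return n >= 0 && n <= (long)sizeof(node *) &&
           memcmp(leak_buf, (const char *)tmpl_kids, (size_t)n) == 0;
}

int fixed_serializes_child_text(void) {
    char buf[64];
    long n = walk_fixed(&tmpl, buf, sizeof buf, 0);
    return n == 15 && memcmp(buf, "inside template", 15) == 0;
}

int fixed_rejects_unknown_kind(void) {
    char buf[8];
    node bogus = { (node_type)99, { .text = "x" } };
    return walk_fixed(&bogus, buf, sizeof buf, 0) == -1;
}

int main(void) {
    long n = leak_len();
    printf("vulnerable walker emitted %ld byte(s):", n);
    for (long i = 0; i < n; i++) printf(" %02x", (unsigned char)leak_buf[i]);
    printf("\nfixed walker handles the template: %d, rejects unknown kind: %d\n",
           fixed_serializes_child_text(), fixed_rejects_unknown_kind());
    return 0;
}
```

The general lesson is the one the callback format already embodies: a walker over a tagged union must dispatch on every tag it could meet and fail closed on the rest, so that adding a node kind upstream produces an error rather than a silent reinterpretation of pointer bytes as a string.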
🔍 Technical details
| Field | Value |
|---|---|
| CVE ID | CVE-2025-15646 |
| CVSS score | 9.8 🔴 |
| Severity | Critical |
| CVSS vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| CWE | CWE-125, CWE-843 |
| Published | 2026-07-01 |
| Last updated | 2026-07-01 |
| Status | Received |
Note that the recorded vector claims high integrity and availability impact, while the description above is a bounded out-of-bounds read that discloses memory; with the record still in Received status (not yet analyzed by NVD), treat the score as provisional and assess impact from the description.
🔗 References
🤖 This post was generated automatically by the CVE Security Bulletin bot | Data source: NVD