PT-2026-35416 · Rrwo · Text::Minify::Xs
Robrwo
·
Published
2026-04-27
·
Updated
2026-04-27
·
CVE-2026-7040
CVSS v3.1
7.5
High
| AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Text::Minify::XS versions from v0.3.0 before v0.7.8 for Perl have a heap overflow when processing some malformed UTF-8 characters.
The minify functions mishandled some malformed UTF-8 characters, leading to heap corruption.
Note that the minify utf8 function is an alias for minnify.
Fix
Heap Based Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Text::Minify::Xs