PT-2026-60500 · Codechild · Xml::Bare

CVE-2026-13401

·

Published

2026-07-16

·

Updated

2026-07-16

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
XML::Bare versions through 0.53 for Perl will hang in an infinite loop when parsing malformed attributes.
The parserc parse function never advances the attribute-parse state cursor on certain malformed attribute forms, looping forever.
Nameless attributes such as "<a ='c'>" or unbalanced quotes "<a b='''''''c'>" can trigger this condition.

Infinite Loop

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-13401

Affected Products

Xml::Bare