Security Advisories (3)

CVE-2015-3451 (2015-04-23)

The _clone function does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function.

https://metacpan.org/changes/distribution/XML-LibXML

CVE-2017-10672 (2015-04-23)

Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call.

CVE-2026-8177 (2026-05-10)

XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences. A node name ending in the middle of a multi byte UTF-8 sequence causes the parser to read past the end of the input string into adjacent heap memory. Any Perl process that passes attacker controlled strings to XML::LibXML's DOM node-name methods can reach this path on the default API. The likely consequence is a crash, causing denial of service.

NAME

XML::LibXML::Dtd - XML::LibXML DTD Handling

SYNOPSIS

$dtd = XML::LibXML::Dtd->new($public_id, $system_id)
$dtd = XML::LibXML::Dtd->parse_string($dtd_str)

DESCRIPTION

This class holds a DTD. You may parse a DTD from either a string, or from an external SYSTEM identifier.

No support is available as yet for parsing from a filehandle.

XML::LibXML::Dtd is a sub-class of Node, so all the methods available to nodes (particularly toString()) are available to Dtd objects.

new

$dtd = XML::LibXML::Dtd->new($public_id, $system_id)

Parse a DTD from the system identifier, and return a DTD object that you can pass to $doc->is_valid() or $doc->validate().

my $dtd = XML::LibXML::Dtd->new(
                     "SOME // Public / ID / 1.0",
                     "test.dtd"
                               );
my $doc = XML::LibXML->new->parse_file("test.xml");
$doc->validate($dtd);

parse_string

$dtd = XML::LibXML::Dtd->parse_string($dtd_str)

The same as new() above, except you can parse a DTD from a string.

AUTHORS

Matt Sergeant, Christian Glahn,

VERSION

1.59

COPYRIGHT

To install XML::LibXML, copy and paste the appropriate command in to your terminal.

cpanm

cpanm XML::LibXML

CPAN shell

perl -MCPAN -e shell
install XML::LibXML

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	Go to GitHub issues (only if GitHub is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)