Security Advisories (2)

CVE-2026-4176 (2026-03-29)

Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib. Compress::Raw::Zlib is included in the Perl package as a dual-life core module, and is vulnerable to CVE-2026-3381 due to a vendored version of zlib which has several vulnerabilities, including CVE-2026-27171. The bundled Compress::Raw::Zlib was updated to version 2.221 in Perl blead commit c75ae9cc164205e1b6d6dbd57bd2c65c8593fe94.

CVE-2026-8376 (2026-05-25)

Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds. Perl_study_chunk in regcomp_study.c checked the size of the joined substring buffer in characters rather than bytes. For a quantified fixed substring with a large minimum count, the byte length mincount * l could overflow SSize_t, producing an undersized SvGROW allocation; the subsequent copy writes past the end of the buffer. A caller that compiles an attacker-controlled regular expression on a 32-bit perl build triggers a heap buffer overflow at compile time.

https://github.com/Perl/perl5/commit/5e7f119eb2bb1181be908701f22bf7068e722f1c.patch

NAME

Pod::Simple::PullParserStartToken -- start-tokens from Pod::Simple::PullParser

SYNOPSIS

(See Pod::Simple::PullParser)

DESCRIPTION

When you do $parser->get_token on a Pod::Simple::PullParser object, you might get an object of this class.

This is a subclass of Pod::Simple::PullParserToken and inherits all its methods, and adds these methods:

$token->tagname

This returns the tagname for this start-token object. For example, parsing a "=head1 ..." line will give you a start-token with the tagname of "head1", token(s) for its content, and then an end-token with the tagname of "head1".

$token->tagname(somestring)

This changes the tagname for this start-token object. You probably won't need to do this.

$token->tag(...)

A shortcut for $token->tagname(...)

$token->is_tag(somestring) or $token->is_tagname(somestring)

These are shortcuts for $token->tag() eq somestring

$token->attr(attrname)

This returns the value of the attrname attribute for this start-token object, or undef.

For example, parsing a L<Foo/"Bar"> link will produce a start-token with a "to" attribute with the value "Foo", a "type" attribute with the value "pod", and a "section" attribute with the value "Bar".

$token->attr(attrname, newvalue)

This sets the attrname attribute for this start-token object to newvalue. You probably won't need to do this.

$token->attr_hash

This returns the hashref that is the attribute set for this start-token. This is useful if (for example) you want to ask what all the attributes are -- you can just do keys %{$token->attr_hash}

You're unlikely to ever need to construct an object of this class for yourself, but if you want to, call Pod::Simple::PullParserStartToken->new( tagname, attrhash )

SUPPORT

Questions or discussion about POD and Pod::Simple should be sent to the pod-people@perl.org mail list. Send an empty email to pod-people-subscribe@perl.org to subscribe.

This module is managed in an open GitHub repository, https://github.com/perl-pod/pod-simple/. Feel free to fork and contribute, or to clone https://github.com/perl-pod/pod-simple.git and send patches!

Patches against Pod::Simple are welcome. Please send bug reports to <bug-pod-simple@rt.cpan.org>.

COPYRIGHT AND DISCLAIMERS

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose.

AUTHOR

Pod::Simple was created by Sean M. Burke <sburke@cpan.org>. But don't bother him, he's retired.

Pod::Simple is maintained by:

Allison Randal allison@perl.org
Hans Dieter Pearcey hdp@cpan.org
David E. Wheeler dwheeler@cpan.org

To install less, copy and paste the appropriate command in to your terminal.

cpanm

cpanm less

CPAN shell

perl -MCPAN -e shell
install less

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	Go to GitHub issues (only if GitHub is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

NAME

SYNOPSIS

DESCRIPTION

SEE ALSO

SEE ALSO

SUPPORT

COPYRIGHT AND DISCLAIMERS

AUTHOR

Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

NAME

SYNOPSIS

DESCRIPTION

SEE ALSO

SEE ALSO

SUPPORT

COPYRIGHT AND DISCLAIMERS

AUTHOR

Module Install Instructions

Keyboard Shortcuts