| Package | libtext-csv-xs-perl |
|---|---|
| Version | 1.26-1+deb9u1 (stretch), 1.38-1+deb10u1 (buster) |
| Related CVEs | CVE-2026-7111 |
A use-after-free issue was found in libtext-csv-xs-perl (Text::CSV_XS
module), which may yield type confusion or memory corruption when
registered callbacks extend the Perl argument stack.
For Debian 10 buster, these problems have been fixed in version 1.38-1+deb10u1.
For Debian 9 stretch, these problems have been fixed in version 1.26-1+deb9u1.
We recommend that you upgrade your libtext-csv-xs-perl packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.