Critical Memory Leak Vulnerability in Perl CSS::Minifier::XS Affects Fedora 43 and 44

Critical Memory Leak Vulnerability in Perl CSS::Minifier::XS Affects Fedora 43 and 44

First seen 9 Jul 2026, 10:55 UTC Linuxsecurity 100% similarity 72.0

Article Content

Browse articles
ThreatCluster

A critical memory leak vulnerability (CVE-2026-13593) has been identified in the Perl module CSS::Minifier::XS, affecting versions prior to 0.14. This vulnerability allows crafted input to exploit the memory leak, potentially leading to Denial of Service (DoS) conditions. The issue was published on 2026-06-29 and has been addressed in version 0.15, released on 2026-06-30. Both Fedora 43 and Fedora 44 distributions are affected, and users are advised to update their systems immediately. The update can be installed using the 'dnf' update program. This vulnerability poses a significant risk as it can be exploited by attackers to disrupt services. Users are encouraged to apply the patch to mitigate the risk of exploitation.

Key Points: • CVE-2026-13593 affects Perl CSS::Minifier::XS versions before 0.14. • The vulnerability can lead to Denial of Service via crafted input. • Fedora 43 and 44 users must update to version 0.15 to mitigate the risk.

ThreatCluster AI

Timeline

2026-06-29
CVE-2026-13593 published
A memory leak vulnerability in CSS::Minifier::XS was disclosed, affecting versions prior to 0.14.
Linuxsecurity
2026-06-30
Version 0.15 released
Fedora released an update to CSS::Minifier::XS, fixing the memory leak issue in version 0.15.
Linuxsecurity
2026-07-09
Advisory published
Linuxsecurity published advisories for Fedora 43 and 44 regarding the critical memory leak vulnerability.
Linuxsecurity

Community

Browse all →