CVE-2026-13593 PUBLISHED

CSS::Minifier::XS versions before 0.14 for Perl have a memory leak when the entire document is minified away

Assigner: CPANSec
Reserved: 29.06.2026 Published: 29.06.2026 Updated: 29.06.2026

CSS::Minifier::XS versions before 0.14 for Perl have a memory leak when the entire document is minified away.

The minify function has a memory leak when processing a document containing only characters to be removed, such as comments and whitespace.

Product Status

Vendor GTERMARS
Product CSS::Minifier::XS
Versions Default: unaffected
  • affected from 0 to 0.14 (excl.)

Solutions

Upgrade to CSS::Minifier::XS version 0.14 or later.

References

Problem Types

  • CWE-401 Missing Release of Memory after Effective Lifetime CWE