It is suspected that this package is vulnerable to a security vulnerability due to expanding of malicious entities via dev-perl/XML-Twig. As such we ask maintainers with packages suspected to be vulnerable to verify if the package is (or have been) affected. Please see the information contained in the tracker bug 600818. developer / # grep -Fr 'Twig' Nmap-Parser-1.34 Nmap-Parser-1.34/Parser.pm: $self->{twig} = new XML::Twig( from README.md ### Dependencies This module requires these other modules and libraries: * XML::Twig 3.16+ while: XML::Twig 3.50+ has a new option to ->new() , "no_xxe" to avoid problems with CVE-2016-9180 ( https://rt.cpan.org/Ticket/Display.html?id=118097 ) Daj Uan (jmbailey) Gentoo Security Padawan
Stable version 1.360.0 in tree uses XML-Twig-3.52