Launchpad.net

CVE 2016-9180

perl-XML-Twig: The option to `expand_external_ents`, documented as controlling external entity expansion in XML::Twig does not work. External entities are always expanded, regardless of the option's setting.

See the CVE page on Mitre.org for more details.

References