INFSA-2025:17163: perl-JSON-XS security update
Information about definition
Identificator: INFSA-2025:17163
Type: security
Release date: 2025-10-09 12:10:40 UTC
Information about package
This module converts Perl data structures to JSON and vice versa. Its primary goal is to be correct and its secondary goal is to be fast. To reach the latter goal it was written in C.
Vulnerabilities description
- CVE-2025-40928
A flaw was found in the JSON-XS Perl module. A buffer overflow can be triggered due to an integer overflow when a specially crafted JSON input is processed, causing a segmentation fault, crashing the application using the module and resulting in a denial of service.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2025-40928
|
no information | 7.5 | no information |
Updated packages
Preparing to download...