CNNVD-202509-1085 Information

CNNVD ID

CNNVD-202509-1085

Related CVE

CVE-2025-40929

• CNNVD Published: 2025-09-08

Description (Chinese)

Cpanel::JSON::XS是用于将 Perl 数据结构转换为 JSON 的工具。 Cpanel::JSON::XS 4.40之前版本存在安全漏洞，该漏洞源于整数缓冲区溢出，可能导致拒绝服务攻击。

Description (English)

Cpanel: :JSON: :XS is a tool to convert Perl data structures to JSON. Cpanel: :JSON: XS 4.40 has a security loophole that originates from the spilling of the whole buffer zone and may lead to a denial of service attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

MetaCPAN

Published

2025-09-08

Last Modified

2026-02-24

References

https://github.com/rurban/Cpanel-JSON-XS/commit/378236219eaa35742c3962ecbdee364903b0a1f2.patch https://metacpan.org/release/RURBAN/Cpanel-JSON-XS-4.39/source/XS.xs#L713 https://metacpan.org/release/RURBAN/Cpanel-JSON-XS-4.40/changes https://access.redhat.com/security/cve/cve-2025-40929

Patch

https://metacpan.org/release/RURBAN/Cpanel-JSON-XS-4.40/source