CVE-2025-40914 Information
Jun 12, 2025
cve
Description
Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow.
CryptX embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328.
Reference
https://github.com/advisories/GHSA-j3xv-6967-cv88 https://github.com/libtom/libtommath/pull/546 https://metacpan.org/release/MIK/CryptX-0.086/source/src/ltm/bn_mp_grow.c https://www.cve.org/CVERecord?id=CVE-2023-36328
Related CNNVD
CNNVD-202506-1601 (Published: 2025-06-11)
Share on: