PT-2025-36473 · Json::Xs · Json::Xs

Michael Hudak

Published

2025-09-08

Updated

2025-09-08

CVE-2025-40928

Report an issue

CVSS v3.1

7.5

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions:

JSON::XS versions prior to 4.04

Description:

JSON::XS, a Perl module, contains an integer buffer overflow that can lead to a segmentation fault when processing specially crafted JSON data. This issue may result in denial-of-service attacks.

Recommendations:

Update JSON::XS to version 4.04 or later.

Fix

DoS

Heap Based Buffer Overflow

Weakness Enumeration

CWE-122

Related Identifiers

CVE-2025-40928

Affected Products

Json::Xs

PT-2025-36473 · Json::Xs · Json::Xs

Weakness Enumeration

Related Identifiers

Affected Products

References · 5