PT-2025-36474 · Unknown · Cpanel::Json::Xs

Michael Hudak

·

Published

2025-09-08

·

Updated

2025-09-08

·

CVE-2025-40929

Report an issue
CVSS v3.1
5.6
VectorAV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions:

Cpanel::JSON::XS versions prior to 4.40

Description:

Cpanel::JSON::XS, a Perl module, contains an integer buffer overflow. This overflow occurs when parsing specially crafted JSON data, leading to a segmentation fault. This can result in denial-of-service attacks.

Recommendations:

Update Cpanel::JSON::XS to version 4.40 or later.

Fix

DoS

Heap Based Buffer Overflow

Weakness Enumeration

CWE-122

Related Identifiers

CVE-2025-40929

Affected Products

Cpanel::Json::Xs