Advisories » MGASA-2025-0284

Updated perl-Cpanel-JSON-XS packages fix security vulnerability

Publication date: 13 Nov 2025
Modification date: 13 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-40929

Description

Cpanel::JSON::XS before version 4.40 for Perl has an integer buffer
overflow causing a segfault when parsing crafted JSON, enabling
denial-of-service attacks or other unspecified impact. (CVE-2025-40929)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=34627
• https://www.openwall.com/lists/oss-security/2025/09/08/1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40929

SRPMS

9/core

• perl-Cpanel-JSON-XS-4.350.0-1.1.mga9