AZL-67079

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-67079.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-67079

Upstream

CVE-2025-40928

Published

2025-09-08T15:15:35Z

Modified

2026-04-21T04:38:03.978738Z

Summary

CVE-2025-40928 affecting package perl-JSON-XS for versions less than 4.04-1

Details

JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact

References

https://nvd.nist.gov/vuln/detail/CVE-2025-40928

Affected packages

Azure Linux:2 / perl-JSON-XS

Package

Name: perl-JSON-XS
Purl: pkg:rpm/azure-linux/perl-JSON-XS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.04-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-67079.json"