======================================================================== CVE-2025-40930 CPAN Security Group ========================================================================
CVE ID: CVE-2025-40930 Distribution: JSON-SIMD Versions: before 1.07 MetaCPAN: https://metacpan.org/dist/JSON-SIMD VCS Repo: https://github.com/pjuhasz/JSON-SIMD JSON::SIMD before version 1.07 and earlier for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact Description ----------- JSON::SIMD before version 1.07 and earlier for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact. Problem types ------------- - CWE-122 Heap-based Buffer Overflow Solutions --------- Update to 1.07, or apply the provided patch References ---------- https://metacpan.org/release/PJUHASZ/JSON-SIMD-1.06/source/SIMD.xs#L248 https://metacpan.org/release/PJUHASZ/JSON-SIMD-1.07/changes https://github.com/pjuhasz/JSON-SIMD/commit/9a87de7331c9fa5198cae404a83b17649cf7b918.patch Credits ------- Michael Hudak of rasotec, reporter
