UBUNTU-CVE-2025-40929

Cpanel::JSON::XS before version 4.40 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact

References

Affected packages

Ubuntu:22.04:LTS

libcpanel-json-xs-perl

Package

Name: libcpanel-json-xs-perl
Purl: pkg:deb/ubuntu/libcpanel-json-xs-perl@4.27-1ubuntu0.2?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.27-1ubuntu0.2

Affected versions

4.*

4.25-1build1

4.25-1build2

4.27-1

4.27-1build1

4.27-1ubuntu0.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "4.27-1ubuntu0.2",
            "binary_name": "libcpanel-json-xs-perl"
        }
    ]
}

Ubuntu:24.04:LTS

libcpanel-json-xs-perl

Package

Name: libcpanel-json-xs-perl
Purl: pkg:deb/ubuntu/libcpanel-json-xs-perl@4.37-1ubuntu0.1?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.37-1ubuntu0.1

Affected versions

4.*

4.37-1

4.37-1build1

4.37-1build2

4.37-1build3

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "4.37-1ubuntu0.1",
            "binary_name": "libcpanel-json-xs-perl"
        }
    ]
}

Ubuntu:25.04

libcpanel-json-xs-perl

Package

Name: libcpanel-json-xs-perl
Purl: pkg:deb/ubuntu/libcpanel-json-xs-perl@4.39-1ubuntu0.1?arch=source&distro=plucky

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.39-1ubuntu0.1

Affected versions

4.*

4.38-1

4.38-1build1

4.39-1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "4.39-1ubuntu0.1",
            "binary_name": "libcpanel-json-xs-perl"
        }
    ]
}

Ubuntu:Pro:16.04:LTS

libcpanel-json-xs-perl

Package

Name: libcpanel-json-xs-perl
Purl: pkg:deb/ubuntu/libcpanel-json-xs-perl@3.0210-1ubuntu1?arch=source&distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.0115-1

3.0210-1ubuntu1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "3.0210-1ubuntu1",
            "binary_name": "libcpanel-json-xs-perl"
        }
    ]
}

Ubuntu:Pro:18.04:LTS

libcpanel-json-xs-perl

Package

Name: libcpanel-json-xs-perl
Purl: pkg:deb/ubuntu/libcpanel-json-xs-perl@3.0239-1?arch=source&distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.0225-1build1

3.0239-1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "3.0239-1",
            "binary_name": "libcpanel-json-xs-perl"
        }
    ]
}

Ubuntu:Pro:20.04:LTS

libcpanel-json-xs-perl

Package

Name: libcpanel-json-xs-perl
Purl: pkg:deb/ubuntu/libcpanel-json-xs-perl@4.19-1ubuntu0.1?arch=source&distro=esm-infra/focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.12-1

4.12-1build1

4.15-1

4.17-1

4.18-1

4.19-1

4.19-1build1

4.19-1ubuntu0.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "4.19-1ubuntu0.1",
            "binary_name": "libcpanel-json-xs-perl"
        }
    ]
}