USN-7749-1

It was discovered that Cpanel-JSON-XS incorrectly handled parsing certain JSON data. An attacker could possibly use this issue to cause Cpanel-JSON-XS to crash, resulting in a denial of service.

References

Affected packages

Ubuntu:22.04:LTS / libcpanel-json-xs-perl

Package

Name: libcpanel-json-xs-perl
Purl: pkg:deb/ubuntu/libcpanel-json-xs-perl@4.27-1ubuntu0.2?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.27-1ubuntu0.2

Affected versions

4.*

4.25-1build1

4.25-1build2

4.27-1

4.27-1build1

4.27-1ubuntu0.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "libcpanel-json-xs-perl",
            "binary_version": "4.27-1ubuntu0.2"
        }
    ]
}

Ubuntu:24.04:LTS / libcpanel-json-xs-perl

Package

Name: libcpanel-json-xs-perl
Purl: pkg:deb/ubuntu/libcpanel-json-xs-perl@4.37-1ubuntu0.1?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.37-1ubuntu0.1

Affected versions

4.*

4.37-1

4.37-1build1

4.37-1build2

4.37-1build3

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "libcpanel-json-xs-perl",
            "binary_version": "4.37-1ubuntu0.1"
        }
    ]
}

Ubuntu:25.04 / libcpanel-json-xs-perl

Package

Name: libcpanel-json-xs-perl
Purl: pkg:deb/ubuntu/libcpanel-json-xs-perl@4.39-1ubuntu0.1?arch=source&distro=plucky

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.39-1ubuntu0.1

Affected versions

4.*

4.38-1

4.38-1build1

4.39-1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "libcpanel-json-xs-perl",
            "binary_version": "4.39-1ubuntu0.1"
        }
    ]
}