CVE-2022-48623
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-48623
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48623.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-48623
- Downstream
- Published
- 2024-02-13T05:15:08Z
- Modified
- 2025-10-15T14:17:15.395322Z
- Severity
-
- 9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that allows attackers to obtain sensitive information or cause a denial of service.
- References
-
- https://github.com/briandfoy/cpan-security-advisory/blob/9374f98bef51e1ae887f293234050551c079776f/cpansa/CPANSA-Cpanel-JSON-XS.yml#L25-L36
- https://github.com/rurban/Cpanel-JSON-XS/issues/208
- https://metacpan.org/release/RURBAN/Cpanel-JSON-XS-4.33/changes
- https://github.com/rurban/Cpanel-JSON-XS/commit/41f32396eee9395a40f9ed80145c37622560de9b
Affected packages
Git / github.com/rurban/cpanel-json-xs
Affected ranges
- Type
- GIT
- Repo
- https://github.com/rurban/cpanel-json-xs
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
2.*
2.27
2.28
2.29
2.3
2.31
2.32
2.3305
2.3306
2.3307
2.3308
2.3309
2.3310
2.3311
2.3313
2.3314
2.33_02
2.33_03
2.33_04
2.3401
2.3402
2.3403
2.3404
3.*
3.0101
3.0102
3.0103
3.0104
3.0105
3.0106
3.0109
3.0110
3.0111
3.0112
3.0113
3.0114
3.0115
3.0201
3.0202
3.0204
3.0205
3.0206
3.0207
3.0208
3.0209
3.0210
3.0211
3.0212
3.0213
3.0213_01
3.0213_02
3.0214
3.0215
3.0216
3.0217
3.0217_01
3.0217_02
3.0217_03
3.0217_04
3.0217_05
3.0217_06
3.0218
3.0219
3.0220
3.0221
3.0222
3.0223
3.0224
3.0225
3.0226
3.0227
3.0229
3.0232
3.0233
3.0234
3.0235
3.0236
3.0237
3.0238
3.0239
3.0240
3.99_01
3.99_02
3.99_03
4.*
4.00
4.01
4.02
4.03
4.04
4.05
4.06
4.07
4.08
4.09
4.10
4.11
4.12
4.13
4.14
4.15
4.16
4.17
4.18
4.19
4.20
4.21
4.22
4.23
4.24
4.25
4.26
4.27
4.28
4.29
4.30
4.31
4.32