CPANSA-CryptX-2025-40914: CryptX vulnerability
Publisher |
giterlizzi |
Document category |
csaf_security_advisory |
Initial release date |
2025-06-11T00:00:00 |
Engine |
CSAF Perl Toolkit 0.25 |
Current release date |
2025-06-11T00:00:00 |
Build Date |
|
Current version |
1 |
Status |
final |
CVSS v3.1 Base Score |
9.8
|
Severity |
|
Original language |
|
Language |
en |
Also referred to |
|
Vulnerability Description
Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow. CryptX embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328.
Vulnerabilities
CVE-2025-40914
Vulnerability DescriptionPerl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow.
CryptX embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328.
Product status
Known affected
Product |
Score |
CryptX less than 0.087 |
|
Fixed
- CryptX greater than or equal 0.087
CVE-2023-36328
Vulnerability DescriptionInteger Overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service (DoS).
Weakness |
CWE-190 : Integer Overflow or Wraparound
|
Product status
Known affected
Product |
Score |
CryptX less than 0.087 |
|
Fixed
- CryptX greater than or equal 0.087
giterlizzi
Namespace: https://github.com/giterlizzi/
gdt@cpan.org
References
Revision history
Version |
Date of the revision |
Summary of the revision |
1 |
Wed Jun 11 00:00:00 2025 |
First release |
Sharing rules
TLP:WHITE
For the TLP version see: https://www.first.org/tlp/