Description

JSON::SIMD before version 1.07 for Perl has an integer buffer overflow that causes a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact.

PUBLISHED Reserved 2025-04-16 | Published 2025-09-08 | Updated 2025-09-08 | Assigner CPANSec

Problem types

CWE-122 Heap-based Buffer Overflow

Product status

Default status: unaffected

Any version before 1.07: affected

Credits

Michael Hudak of rasotec (reporter)

References

metacpan.org/release/PJUHASZ/JSON-SIMD-1.06/source/SIMD.xs (related)

metacpan.org/release/PJUHASZ/JSON-SIMD-1.07/changes (release-notes)

github.com/...9a87de7331c9fa5198cae404a83b17649cf7b918.patch (patch)

cve.org (CVE-2025-40930)

nvd.nist.gov (CVE-2025-40930)
