CVE-2025-40914

Summary

Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow.

CryptX embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328.

Affected Software

VendorProductVersion RangeStatus
MIKCryptX0.002 <= 0.086affected

Weaknesses

  • CWE-1395: CWE-1395 Dependency on Vulnerable Third-Party Component

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References