| Package | libjson-xs-perl |
|---|---|
| Version | 3.030-1+deb9u1 (stretch), 3.040-1+deb10u1 (buster) |
| Related CVEs | CVE-2025-40928 |
A vulnerability has been fixed in libjson-xs-perl, a Perl module which does C/XS-accelerated manipulation of JSON-formatted data.
CVE-2025-40928
Integer buffer overflow causing a segfault when parsing crafted JSON,
enabling denial-of-service attacks or other unspecified impact.
For Debian 10 buster, these problems have been fixed in version 3.040-1+deb10u1.
For Debian 9 stretch, these problems have been fixed in version 3.030-1+deb9u1.
We recommend that you upgrade your libjson-xs-perl packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.