An update for perl-Cpanel-JSON-XS is now available for openEuler-24.03-LTS-SP2 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2025-2242 Final 1.0 1.0 2025-09-12 Initial 2025-09-12 2025-09-12 openEuler SA Tool V1.0 2025-09-12 perl-Cpanel-JSON-XS security update An update for perl-Cpanel-JSON-XS is now available for openEuler-24.03-LTS-SP2 This module converts Perl data structures to JSON and vice versa. Its primary goal is to be correct and its secondary goal is to be fast. To reach the latter goal it was written in C. Security Fix(es): Cpanel::JSON::XS before version 4.40 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact(CVE-2025-40929) An update for perl-Cpanel-JSON-XS is now available for openEuler-24.03-LTS-SP2. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium perl-Cpanel-JSON-XS https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2242 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40929 https://nvd.nist.gov/vuln/detail/CVE-2025-40929 openEuler-24.03-LTS-SP2 perl-Cpanel-JSON-XS-4.37-2.oe2403sp2.aarch64.rpm perl-Cpanel-JSON-XS-debuginfo-4.37-2.oe2403sp2.aarch64.rpm perl-Cpanel-JSON-XS-debugsource-4.37-2.oe2403sp2.aarch64.rpm perl-Cpanel-JSON-XS-help-4.37-2.oe2403sp2.aarch64.rpm perl-Cpanel-JSON-XS-4.37-2.oe2403sp2.src.rpm perl-Cpanel-JSON-XS-4.37-2.oe2403sp2.x86_64.rpm perl-Cpanel-JSON-XS-debuginfo-4.37-2.oe2403sp2.x86_64.rpm perl-Cpanel-JSON-XS-debugsource-4.37-2.oe2403sp2.x86_64.rpm perl-Cpanel-JSON-XS-help-4.37-2.oe2403sp2.x86_64.rpm Cpanel::JSON::XS before version 4.40 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact 2025-09-12 CVE-2025-40929 openEuler-24.03-LTS-SP2 Medium 5.6 AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L perl-Cpanel-JSON-XS security update 2025-09-12 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2242