{"id":"AZL-67076","summary":"CVE-2025-40928 affecting package perl-JSON-XS for versions less than 4.04-1","details":"JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact","modified":"2026-04-21T04:38:03.993847Z","published":"2025-09-08T15:15:35Z","upstream":["CVE-2025-40928"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40928"}],"affected":[{"package":{"name":"perl-JSON-XS","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/perl-JSON-XS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.04-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-67076.json"}}],"schema_version":"1.7.5"}