Vulnerability Details CVE-2022-48623
The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that allows attackers to obtain sensitive information or cause a denial of service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.7%
CVSS Severity
CVSS v3 Score 9.1
References
- https://github.com/briandfoy/cpan-security-advisory/blob/9374f98bef51e1ae887f293234050551c079776f/cpansa/CPANSA-Cpanel-JSON-XS.yml#L25-L36
- https://github.com/rurban/Cpanel-JSON-XS/commit/41f32396eee9395a40f9ed80145c37622560de9b
- https://github.com/rurban/Cpanel-JSON-XS/issues/208
- https://metacpan.org/release/RURBAN/Cpanel-JSON-XS-4.33/changes
- https://github.com/briandfoy/cpan-security-advisory/blob/9374f98bef51e1ae887f293234050551c079776f/cpansa/CPANSA-Cpanel-JSON-XS.yml#L25-L36
- https://github.com/rurban/Cpanel-JSON-XS/commit/41f32396eee9395a40f9ed80145c37622560de9b
- https://github.com/rurban/Cpanel-JSON-XS/issues/208
- https://metacpan.org/release/RURBAN/Cpanel-JSON-XS-4.33/changes