CVE-2025-40914

🗓️ 11 Jun 2025 14:15:34Reported by GoogleType

osv

osv🔗 osv.dev👁 1 Views

Perl CryptX before version 0.087 may have an integer overflow vulnerability from libtommath dependency.

Reporter	Title	Published	Views	Family All 121
IBM Security Bulletins	Security Bulletin: AIX is vulnerable to arbitrary code execution (CVE-2023-36328) due to tcl	7 Nov 202422:03	–	ibm
Tenable Nessus	Amazon Linux 2023 : libtommath, libtommath-devel (ALAS2023-2023-370)	3 Oct 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : perl-CryptX, perl-CryptX-tests (ALAS2023-2025-1035)	23 Jun 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : libtommath (ALASANSIBLE2-2023-010)	27 Sep 202300:00	–	nessus
Tenable Nessus	Debian dla-3857 : libtommath-dev - security update	3 Sep 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP11 : libtommath (EulerOS-SA-2023-3014)	16 Jan 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP11 : libtommath (EulerOS-SA-2023-3037)	16 Jan 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP10 : libtommath (EulerOS-SA-2023-3185)	16 Jan 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP10 : libtommath (EulerOS-SA-2023-3220)	16 Jan 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP9 : libtommath (EulerOS-SA-2023-3308)	16 Jan 202400:00	–	nessus

Source	Link
metacpan	www.metacpan.org/release/MIK/CryptX-0.086/source/src/ltm/bn_mp_grow.c
cve	www.cve.org/CVERecord
github	www.github.com/advisories/GHSA-j3xv-6967-cv88
github	www.github.com/libtom/libtommath/pull/546

23 Mar 2026 05:04Current

7.3High risk

Vulners AI Score7.3

CVSS 3.19.8

EPSS0.00517

perl cryptx vulnerability integer overflow libtommath library