Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/06/03 11:40 a.m.10 views

CVE-2026-9334

A flaw was found in perl-Cpanel-JSON-XS. This vulnerability allows a remote attacker to cause a denial of service DoS by providing specially crafted JSON input with duplicate object keys. When the dupkeysasarrayref option is enabled, the decodehv function incorrectly processes the input, leading ...

7.3CVSS5.8AI score0.00263EPSS
Exploits0References2
NVD
NVD
added 2026/06/03 1:16 a.m.16 views

CVE-2026-9334

Cpanel::JSON::XS versions before 4.41 for Perl allow type confusion via duplicate object keys when dupkeysasarrayref is enabled. decodehv collapses duplicate object keys into an array reference under dupkeysasarrayref. The branch reached for a duplicate key tests SvTYPE oldvalue != SVtRV && SvTYP...

7.3CVSS0.00263EPSS
Exploits0References3
OSV
OSV
added 2026/06/03 1:16 a.m.8 views

UBUNTU-CVE-2026-9334

Cpanel::JSON::XS versions before 4.41 for Perl allow type confusion via duplicate object keys when dupkeysasarrayref is enabled. decodehv collapses duplicate object keys into an array reference under dupkeysasarrayref. The branch reached for a duplicate key tests SvTYPE oldvalue != SVtRV && SvTYP...

7.3CVSS5.2AI score0.00263EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/03 12:15 a.m.10 views

CVE-2026-9334 Cpanel::JSON::XS versions before 4.41 for Perl allow type confusion via duplicate object keys when dupkeys_as_arrayref is enabled

Cpanel::JSON::XS versions before 4.41 for Perl allow type confusion via duplicate object keys when dupkeysasarrayref is enabled. decodehv collapses duplicate object keys into an array reference under dupkeysasarrayref. The branch reached for a duplicate key tests SvTYPE oldvalue != SVtRV && SvTYP...

5.8AI score0.00263EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/03 12:15 a.m.13 views

EUVD-2026-34060

Cpanel::JSON::XS versions before 4.41 for Perl allow type confusion via duplicate object keys when dupkeysasarrayref is enabled. decodehv collapses duplicate object keys into an array reference under dupkeysasarrayref. The branch reached for a duplicate key tests SvTYPE oldvalue != SVtRV && SvTYP...

7.3CVSS5.8AI score0.00263EPSS
Exploits0References2
CVE
CVE
added 2026/06/03 12:15 a.m.27 views

CVE-2026-9334

Cpanel::JSON::XS (Perl) is affected by a type-confusion issue in decode_hv() for versions before 4.41 when dupkeys_as_arrayref is enabled. The code tests duplicate keys by evaluating SvTYPE (old_value) != SVt_RV && SvTYPE (SvRV (old_value)) != SVt_PVAV, which dereferences a value via SvRV(old_val...

7.3CVSS5.8AI score0.00263EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.8 views

Cpanel::JSON::XS 安全漏洞

Cpanel::JSON::XS is a tool developed by RURBAN for converting Perl data structures into JSON format. Versions of Cpanel::JSON::XS prior to version 4.41 contained security vulnerabilities. These vulnerabilities stemmed from the use of dupkeysasarrayref, which led to type confusion when repeated...

7.3CVSS5.3AI score0.00263EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.14 views

PT-2026-45891

Name of the Vulnerable Software and Affected Versions Cpanel::JSON::XS versions prior to 4.41 Description Type confusion occurs when dupkeys as arrayref is enabled, allowing duplicate object keys to cause a crash. The decode hv function collapses duplicate keys into an array reference; however, i...

7.3CVSS5.5AI score0.00263EPSS
Exploits0References23
Rows per page
Query Builder